Merge remote-tracking branch 'gum/master'
This commit is contained in:
commit
3047fea88d
@ -1,20 +1,57 @@
|
|||||||
before_script:
|
before_script:
|
||||||
- mkdir -p ~/.ssh
|
- nix-env -iA nixpkgs.openssh nixpkgs.gnupg nixpkgs.curl nixpkgs.git nixpkgs.pass || true
|
||||||
- echo "$deploy_privkey" > deploy.key
|
# prepare github deployment for NUR
|
||||||
- export GIT_SSH_COMMAND="ssh -i $PWD/deploy.key"
|
- mkdir -p ~/.ssh
|
||||||
- chmod 600 deploy.key
|
- echo "$github_deploy_privkey" > ~/.ssh/github_deploy.key
|
||||||
- ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts
|
- chmod 600 ~/.ssh/github_deploy.key
|
||||||
nix-shell test:
|
- ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts
|
||||||
|
# prepare git fetching of secrets
|
||||||
|
- echo "$gitlab_deploy_privkey" > ~/.ssh/gitlab_deploy.key
|
||||||
|
- chmod 600 ~/.ssh/gitlab_deploy.key
|
||||||
|
- ssh-keyscan -H 'ssh.git.shackspace.de' >> ~/.ssh/known_hosts
|
||||||
|
# import secret key for secrets
|
||||||
|
- echo "$secrets_gpg_key" | gpg --import
|
||||||
|
wolf deployment test:
|
||||||
|
stage: test
|
||||||
|
script:
|
||||||
|
- GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
||||||
|
- test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337
|
||||||
|
- git submodule update --init
|
||||||
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test)
|
||||||
|
nix-shell test:
|
||||||
|
stage: test
|
||||||
script:
|
script:
|
||||||
- env
|
|
||||||
- nix-shell --pure --command 'true' -p stdenv && echo success
|
- nix-shell --pure --command 'true' -p stdenv && echo success
|
||||||
- nix-shell --pure --command 'false' -p stdenv || echo success
|
- nix-shell --pure --command 'false' -p stdenv || echo success
|
||||||
|
- git --version
|
||||||
|
- ssh -V
|
||||||
|
- gpg --version
|
||||||
|
- curl --version
|
||||||
|
wolf deployment:
|
||||||
|
stage: deploy
|
||||||
|
script:
|
||||||
|
- cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa
|
||||||
|
- git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
||||||
|
- git submodule update --init
|
||||||
|
- ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts
|
||||||
|
# TODO, hostname wolf cannot be resolved
|
||||||
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy)
|
||||||
|
only:
|
||||||
|
changes:
|
||||||
|
- .gitlab-ci.yml
|
||||||
|
- krebs/**/*
|
||||||
|
- lib/**/*
|
||||||
|
- .gitmodules
|
||||||
nur-packages makefu:
|
nur-packages makefu:
|
||||||
|
stage: deploy
|
||||||
script:
|
script:
|
||||||
- git reset --hard origin/master
|
- git reset --hard origin/master
|
||||||
- git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD
|
- git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD
|
||||||
- git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git
|
- git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git
|
||||||
- git push --force deploy HEAD:master
|
- GIT_SSH_COMMAND="ssh -i ~/.ssh/github_deploy.key" git push --force deploy HEAD:master
|
||||||
- curl -XPOST http://nur-update.herokuapp.com/update?repo=makefu
|
- curl -XPOST http://nur-update.herokuapp.com/update?repo=makefu
|
||||||
|
only:
|
||||||
|
changes:
|
||||||
|
- makefu/**/*
|
||||||
after_script:
|
after_script:
|
||||||
- rm -f deploy.key
|
- rm -rf .ssh/
|
||||||
|
0
krebs/0tests/data/secrets/shack/muell_mail.js
Normal file
0
krebs/0tests/data/secrets/shack/muell_mail.js
Normal file
1
krebs/0tests/data/secrets/shack/s3-power.json
Normal file
1
krebs/0tests/data/secrets/shack/s3-power.json
Normal file
@ -0,0 +1 @@
|
|||||||
|
{}
|
0
krebs/0tests/data/secrets/shack/unifi-prometheus-pw
Normal file
0
krebs/0tests/data/secrets/shack/unifi-prometheus-pw
Normal file
@ -7,13 +7,14 @@
|
|||||||
<stockholm/krebs/2configs/secret-passwords.nix>
|
<stockholm/krebs/2configs/secret-passwords.nix>
|
||||||
<stockholm/krebs/2configs/hw/x220.nix>
|
<stockholm/krebs/2configs/hw/x220.nix>
|
||||||
|
|
||||||
<stockholm/krebs/2configs/stats/puyak-client.nix>
|
|
||||||
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
||||||
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
||||||
<stockholm/krebs/2configs/go.nix>
|
<stockholm/krebs/2configs/go.nix>
|
||||||
<stockholm/krebs/2configs/ircd.nix>
|
<stockholm/krebs/2configs/ircd.nix>
|
||||||
<stockholm/krebs/2configs/news.nix>
|
<stockholm/krebs/2configs/news.nix>
|
||||||
<stockholm/krebs/2configs/news-spam.nix>
|
<stockholm/krebs/2configs/news-spam.nix>
|
||||||
|
<stockholm/krebs/2configs/shack/prometheus/node.nix>
|
||||||
|
<stockholm/krebs/2configs/shack/gitlab-runner.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.puyak;
|
krebs.build.host = config.krebs.hosts.puyak;
|
||||||
@ -59,9 +60,9 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.logind.extraConfig = ''
|
services.logind.lidSwitch = "ignore";
|
||||||
HandleLidSwitch=ignore
|
services.logind.lidSwitchExternalPower = "ignore";
|
||||||
'';
|
|
||||||
|
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0"
|
SUBSYSTEM=="net", ATTR{address}=="8c:70:5a:b2:84:58", NAME="wl0"
|
||||||
|
@ -23,6 +23,16 @@ in
|
|||||||
# <stockholm/krebs/2configs/shack/nix-cacher.nix>
|
# <stockholm/krebs/2configs/shack/nix-cacher.nix>
|
||||||
# Say if muell will be collected
|
# Say if muell will be collected
|
||||||
<stockholm/krebs/2configs/shack/muell_caller.nix>
|
<stockholm/krebs/2configs/shack/muell_caller.nix>
|
||||||
|
# provide muellshack api
|
||||||
|
<stockholm/krebs/2configs/shack/muellshack.nix>
|
||||||
|
# provide light control api
|
||||||
|
<stockholm/krebs/2configs/shack/node-light.nix>
|
||||||
|
# send mail if muell was not handled
|
||||||
|
<stockholm/krebs/2configs/shack/muell_mail.nix>
|
||||||
|
# send mail if muell was not handled
|
||||||
|
<stockholm/krebs/2configs/shack/s3-power.nix>
|
||||||
|
# powerraw usb serial to mqtt and raw socket
|
||||||
|
<stockholm/krebs/2configs/shack/powerraw.nix>
|
||||||
|
|
||||||
# create samba share for anonymous usage with the laser and 3d printer pc
|
# create samba share for anonymous usage with the laser and 3d printer pc
|
||||||
<stockholm/krebs/2configs/shack/share.nix>
|
<stockholm/krebs/2configs/shack/share.nix>
|
||||||
@ -38,13 +48,20 @@ in
|
|||||||
<stockholm/krebs/2configs/shack/mqtt_sub.nix>
|
<stockholm/krebs/2configs/shack/mqtt_sub.nix>
|
||||||
## Collect radioactive data and put into graphite
|
## Collect radioactive data and put into graphite
|
||||||
<stockholm/krebs/2configs/shack/radioactive.nix>
|
<stockholm/krebs/2configs/shack/radioactive.nix>
|
||||||
|
## mqtt.shack
|
||||||
|
<stockholm/krebs/2configs/shack/mqtt.nix>
|
||||||
## Collect local statistics via collectd and send to collectd
|
## Collect local statistics via collectd and send to collectd
|
||||||
<stockholm/krebs/2configs/stats/wolf-client.nix>
|
<stockholm/krebs/2configs/stats/wolf-client.nix>
|
||||||
## write collectd statistics to wolf.shack
|
|
||||||
<stockholm/krebs/2configs/collectd-base.nix>
|
|
||||||
{ services.influxdb.enable = true; }
|
{ services.influxdb.enable = true; }
|
||||||
|
|
||||||
<stockholm/krebs/2configs/shack/netbox.nix>
|
<stockholm/krebs/2configs/shack/netbox.nix>
|
||||||
|
<stockholm/krebs/2configs/shack/prometheus/server.nix>
|
||||||
|
<stockholm/krebs/2configs/shack/prometheus/node.nix>
|
||||||
|
<stockholm/krebs/2configs/shack/prometheus/unifi.nix>
|
||||||
|
<stockholm/krebs/2configs/collectd-base.nix> # home-assistant
|
||||||
|
{ services.influxdb.enable = true; }
|
||||||
|
|
||||||
];
|
];
|
||||||
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
||||||
# apt-cacher-ng in first place)
|
# apt-cacher-ng in first place)
|
||||||
@ -76,10 +93,12 @@ in
|
|||||||
networking = {
|
networking = {
|
||||||
firewall.enable = false;
|
firewall.enable = false;
|
||||||
firewall.allowedTCPPorts = [ 8088 8086 8083 ];
|
firewall.allowedTCPPorts = [ 8088 8086 8083 ];
|
||||||
interfaces."${ext-if}".ipv4.addresses = [{
|
interfaces."${ext-if}".ipv4.addresses = [
|
||||||
address = shack-ip;
|
{
|
||||||
prefixLength = 20;
|
address = shack-ip;
|
||||||
}];
|
prefixLength = 20;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
defaultGateway = "10.42.0.1";
|
defaultGateway = "10.42.0.1";
|
||||||
nameservers = [ "10.42.0.100" "10.42.0.200" ];
|
nameservers = [ "10.42.0.100" "10.42.0.200" ];
|
||||||
@ -125,6 +144,7 @@ in
|
|||||||
config.krebs.users.raute.pubkey
|
config.krebs.users.raute.pubkey
|
||||||
config.krebs.users.makefu-omo.pubkey
|
config.krebs.users.makefu-omo.pubkey
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci
|
||||||
];
|
];
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
|
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
|
||||||
|
@ -9,7 +9,7 @@ let
|
|||||||
ModulePath "${collectd-connect-time}/lib/${python.libPrefix}/site-packages/"
|
ModulePath "${collectd-connect-time}/lib/${python.libPrefix}/site-packages/"
|
||||||
Import "collectd_connect_time"
|
Import "collectd_connect_time"
|
||||||
<Module collectd_connect_time>
|
<Module collectd_connect_time>
|
||||||
target "localhost:22" "google.com" "google.de" "gum.r:22" "gum.krebsco.de" "heidi.shack:22" "10.42.0.1:22" "heise.de" "t-online.de"
|
target "localhost:22" "google.com" "google.de" "gum.r:22" "gum.krebsco.de" "10.42.0.1:22" "heise.de" "t-online.de"
|
||||||
interval 10
|
interval 10
|
||||||
</Module>
|
</Module>
|
||||||
</Plugin>
|
</Plugin>
|
||||||
@ -18,7 +18,7 @@ let
|
|||||||
LoadPlugin write_graphite
|
LoadPlugin write_graphite
|
||||||
<Plugin "write_graphite">
|
<Plugin "write_graphite">
|
||||||
<Carbon>
|
<Carbon>
|
||||||
Host "heidi.shack"
|
Host "wolf.r"
|
||||||
Port "2003"
|
Port "2003"
|
||||||
Prefix "retiolum."
|
Prefix "retiolum."
|
||||||
EscapeCharacter "_"
|
EscapeCharacter "_"
|
||||||
|
@ -34,6 +34,13 @@ with import <stockholm/lib>;
|
|||||||
rxvt_unicode.terminfo
|
rxvt_unicode.terminfo
|
||||||
];
|
];
|
||||||
|
|
||||||
|
i18n = {
|
||||||
|
consoleKeyMap = "us";
|
||||||
|
defaultLocale = lib.mkForce "C";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
programs.ssh.startAgent = false;
|
programs.ssh.startAgent = false;
|
||||||
|
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
|
@ -6,16 +6,17 @@ let
|
|||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
systemd.services.gitlab-runner.path = [
|
|
||||||
"/run/wrappers" # /run/wrappers/bin/su
|
|
||||||
"/" # /bin/sh
|
|
||||||
];
|
|
||||||
imports = [
|
imports = [
|
||||||
"${runner-src}/gitlab-runner.nix"
|
"${runner-src}/gitlab-runner.nix"
|
||||||
];
|
];
|
||||||
services.gitlab-runner2.enable = true;
|
services.gitlab-runner2 = {
|
||||||
## registrationConfigurationFile contains:
|
enable = true;
|
||||||
# CI_SERVER_URL=<CI server URL>
|
## registrationConfigurationFile contains:
|
||||||
# REGISTRATION_TOKEN=<registration secret>
|
# CI_SERVER_URL=<CI server URL>
|
||||||
services.gitlab-runner2.registrationConfigFile = <secrets/shackspace-gitlab-ci>;
|
# REGISTRATION_TOKEN=<registration secret>
|
||||||
|
registrationConfigFile = <secrets/shackspace-gitlab-ci>;
|
||||||
|
#gracefulTermination = true;
|
||||||
|
};
|
||||||
|
systemd.services.gitlab-runner2.restartIfChanged = false;
|
||||||
|
systemd.services.docker.restartIfChanged = false;
|
||||||
}
|
}
|
||||||
|
14
krebs/2configs/shack/mqtt.nix
Normal file
14
krebs/2configs/shack/mqtt.nix
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{
|
||||||
|
networking.firewall.allowedTCPPorts = [ 1883 ];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 1883 ];
|
||||||
|
services.mosquitto = {
|
||||||
|
enable = true;
|
||||||
|
host = "0.0.0.0";
|
||||||
|
users = {};
|
||||||
|
# TODO: secure that shit
|
||||||
|
aclExtraConf = ''
|
||||||
|
pattern readwrite #
|
||||||
|
'';
|
||||||
|
allowAnonymous = true;
|
||||||
|
};
|
||||||
|
}
|
33
krebs/2configs/shack/muell_mail.nix
Normal file
33
krebs/2configs/shack/muell_mail.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
pkg = pkgs.callPackage (
|
||||||
|
pkgs.fetchgit {
|
||||||
|
url = "https://git.shackspace.de/rz/muell_mail";
|
||||||
|
rev = "861ec25ab22797d8961efb32e72d79e113aa9f0f";
|
||||||
|
sha256 = "sha256:18cw95zbr7isv4cw80cbpd84n5z208fwh5390i6j10jkn398mjq2";
|
||||||
|
}) {};
|
||||||
|
home = "/var/lib/muell_mail";
|
||||||
|
cfg = toString <secrets/shack/muell_mail.js>;
|
||||||
|
in {
|
||||||
|
users.users.muell_mail = {
|
||||||
|
inherit home;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
systemd.services.muell_mail = {
|
||||||
|
description = "muell_mail";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment.CONFIG = "${home}/muell_mail.js";
|
||||||
|
serviceConfig = {
|
||||||
|
User = "muell_mail";
|
||||||
|
ExecStartPre = pkgs.writeDash "muell_mail-pre" ''
|
||||||
|
install -D -omuell_mail -m700 ${cfg} ${home}/muell_mail.js
|
||||||
|
'';
|
||||||
|
WorkingDirectory = home;
|
||||||
|
PermissionsStartOnly = true;
|
||||||
|
ExecStart = "${pkg}/bin/muell_mail";
|
||||||
|
Restart = "always";
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
43
krebs/2configs/shack/muellshack.nix
Normal file
43
krebs/2configs/shack/muellshack.nix
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
pkg = pkgs.callPackage (
|
||||||
|
pkgs.fetchgit {
|
||||||
|
url = "https://git.shackspace.de/rz/muellshack";
|
||||||
|
rev = "d8a5e2d4c0a22804838675ac42b468299dcd9a76";
|
||||||
|
sha256 = "0ff6q64dgdxmpszp94z100fdic175b1vvxn4crg8p0jcabzxsv0m";
|
||||||
|
}) {};
|
||||||
|
home = "/var/lib/muellshack";
|
||||||
|
port = "8081";
|
||||||
|
in {
|
||||||
|
users.users.muellshack = {
|
||||||
|
inherit home;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."muell.shack" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${port}/muellshack/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."openhab.shack" = {
|
||||||
|
locations."/muellshack/".proxyPass = "http://localhost:${port}/muellshack/";
|
||||||
|
};
|
||||||
|
systemd.services.muellshack = {
|
||||||
|
description = "muellshack";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment.PORT = port;
|
||||||
|
serviceConfig = {
|
||||||
|
User = "muellshack";
|
||||||
|
# do not override the current storage fil
|
||||||
|
ExecStartPre = pkgs.writeDash "call-muell-pre" ''
|
||||||
|
cp -vf ${pkg}/share/static_muelldata.json ${home}
|
||||||
|
cp -vn ${pkg}/share/storage.json ${home}
|
||||||
|
chmod 700 ${home}/storage.json
|
||||||
|
'';
|
||||||
|
WorkingDirectory = home;
|
||||||
|
ExecStart = "${pkg}/bin/muellshack";
|
||||||
|
Restart = "always";
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
53
krebs/2configs/shack/node-light.nix
Normal file
53
krebs/2configs/shack/node-light.nix
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
pkg = pkgs.callPackage (
|
||||||
|
pkgs.fetchgit {
|
||||||
|
url = "https://git.shackspace.de/rz/node-light.git";
|
||||||
|
rev = "a32c782650c4cc0adf51250fe249167d7246c59b";
|
||||||
|
sha256 = "0clvcp1m2ay0a9ibh7s21q7d9a6nam3497bysvc6mdygblks22qy";
|
||||||
|
}) {};
|
||||||
|
home = "/var/lib/node-light";
|
||||||
|
port = "8082";
|
||||||
|
in {
|
||||||
|
# receive response from light.shack / standby.shack
|
||||||
|
networking.firewall.allowedUDPPorts = [ 2342 ];
|
||||||
|
users.users.node-light = {
|
||||||
|
inherit home;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."lounge.light.shack" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${port}/lounge/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."power.light.shack" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${port}/power/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."openhab.shack" = {
|
||||||
|
serverAliases = [ "lightapi.shack" ];
|
||||||
|
locations."/power/".proxyPass = "http://localhost:${port}/power/";
|
||||||
|
locations."/lounge/".proxyPass = "http://localhost:${port}/lounge/";
|
||||||
|
};
|
||||||
|
systemd.services.node-light= {
|
||||||
|
description = "node-light";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment.PORT = port;
|
||||||
|
serviceConfig = {
|
||||||
|
User = "node-light";
|
||||||
|
# do not override the current storage file
|
||||||
|
ExecStartPre = pkgs.writeDash "call-light-pre" ''
|
||||||
|
cp -vn ${pkg}/share/storage.json ${home}
|
||||||
|
chmod 700 ${home}/storage.json
|
||||||
|
|
||||||
|
'';
|
||||||
|
WorkingDirectory = home;
|
||||||
|
ExecStart = "${pkg}/bin/node-light";
|
||||||
|
Restart = "always";
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
72
krebs/2configs/shack/powerraw.nix
Normal file
72
krebs/2configs/shack/powerraw.nix
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
# Replacement for powerraw.shack pollin box
|
||||||
|
# Requires usb-serial device on host
|
||||||
|
# Requires mqtt available at mqtt.shack
|
||||||
|
# Requires hostname powerraw.shack
|
||||||
|
let
|
||||||
|
influx-url = "http://influx.shack:8086";
|
||||||
|
pkg = pkgs.python3.pkgs.callPackage (
|
||||||
|
pkgs.fetchgit {
|
||||||
|
url = "https://git.shackspace.de/rz/powermeter.git";
|
||||||
|
rev = "96609f0d632e0732afa768ddd7b3f8841ca37c1b";
|
||||||
|
sha256 = "sha256:0wfpm3ik5r081qv2crmpjwylgg2v8ximq347qh0fzq1rwv0dqbnn";
|
||||||
|
}) {};
|
||||||
|
in {
|
||||||
|
# receive response from light.shack / standby.shack
|
||||||
|
networking.firewall.allowedUDPPorts = [ 11111 ];
|
||||||
|
users.users.powermeter.extraGroups = [ "dialout" ];
|
||||||
|
|
||||||
|
systemd.services.powermeter-serial2mqtt = {
|
||||||
|
description = "powerraw Serial -> mqtt";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
User = "powermeter";
|
||||||
|
ExecStart = "${pkg}/bin/powermeter-serial2mqtt";
|
||||||
|
Restart = "always";
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.powermeter-mqtt2socket = {
|
||||||
|
description = "powerraw mqtt -> raw socket 11111";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
User = "powermeter";
|
||||||
|
ExecStart = "${pkg}/bin/powermeter-mqtt2socket";
|
||||||
|
Restart = "always";
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.telegraf = {
|
||||||
|
enable = true;
|
||||||
|
extraConfig = {
|
||||||
|
agent.debug = false;
|
||||||
|
outputs = {
|
||||||
|
influxdb = [{
|
||||||
|
urls = [ influx-url ];
|
||||||
|
database = "telegraf";
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.telegraf.extraConfig.inputs.mqtt_consumer = let
|
||||||
|
genTopic = name: topic: tags: {
|
||||||
|
servers = [ "tcp://mqtt.shack:1883" ];
|
||||||
|
qos = 0;
|
||||||
|
connection_timeout = "30s";
|
||||||
|
topics = [ topic ];
|
||||||
|
inherit tags;
|
||||||
|
persistent_session = false;
|
||||||
|
name_override = name;
|
||||||
|
data_format = "value";
|
||||||
|
data_type = "float";
|
||||||
|
};
|
||||||
|
sensor = "total";
|
||||||
|
types = [ "Voltage" "Current" "Power" ];
|
||||||
|
phases = [ 1 2 3 ];
|
||||||
|
in
|
||||||
|
[ (genTopic "Power consumed" "/power/${sensor}/consumed" { inherit sensor; }) ] ++
|
||||||
|
(lib.flatten (map (type: (map (phase: (genTopic "Power" "/power/${sensor}/L${toString phase}/${type}" { inherit sensor phase type; }) ) phases)) types));
|
||||||
|
}
|
27
krebs/2configs/shack/prometheus/node.nix
Normal file
27
krebs/2configs/shack/prometheus/node.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
networking.firewall.allowedTCPPorts = [ 9100 ];
|
||||||
|
|
||||||
|
services.prometheus.exporters.node = {
|
||||||
|
enable = true;
|
||||||
|
enabledCollectors = [
|
||||||
|
"conntrack"
|
||||||
|
"diskstats"
|
||||||
|
"entropy"
|
||||||
|
"filefd"
|
||||||
|
"filesystem"
|
||||||
|
"loadavg"
|
||||||
|
"mdadm"
|
||||||
|
"meminfo"
|
||||||
|
"netdev"
|
||||||
|
"netstat"
|
||||||
|
"stat"
|
||||||
|
"time"
|
||||||
|
"vmstat"
|
||||||
|
"systemd"
|
||||||
|
"logind"
|
||||||
|
"interrupts"
|
||||||
|
"ksmd"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
195
krebs/2configs/shack/prometheus/server.nix
Normal file
195
krebs/2configs/shack/prometheus/server.nix
Normal file
@ -0,0 +1,195 @@
|
|||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
# from https://gist.github.com/globin/02496fd10a96a36f092a8e7ea0e6c7dd
|
||||||
|
{
|
||||||
|
networking = {
|
||||||
|
firewall.allowedTCPPorts = [
|
||||||
|
3000 # grafana
|
||||||
|
9090 # prometheus
|
||||||
|
9093 # alertmanager
|
||||||
|
];
|
||||||
|
useDHCP = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
prometheus = {
|
||||||
|
enable = true;
|
||||||
|
extraFlags = [
|
||||||
|
"-storage.local.retention 8760h"
|
||||||
|
"-storage.local.series-file-shrink-ratio 0.3"
|
||||||
|
"-storage.local.memory-chunks 2097152"
|
||||||
|
"-storage.local.max-chunks-to-persist 1048576"
|
||||||
|
"-storage.local.index-cache-size.fingerprint-to-metric 2097152"
|
||||||
|
"-storage.local.index-cache-size.fingerprint-to-timerange 1048576"
|
||||||
|
"-storage.local.index-cache-size.label-name-to-label-values 2097152"
|
||||||
|
"-storage.local.index-cache-size.label-pair-to-fingerprints 41943040"
|
||||||
|
];
|
||||||
|
alertmanagerURL = [ "http://localhost:9093" ];
|
||||||
|
rules = [
|
||||||
|
''
|
||||||
|
ALERT node_down
|
||||||
|
IF up == 0
|
||||||
|
FOR 5m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Node is down.",
|
||||||
|
description = "{{$labels.alias}} has been down for more than 5 minutes."
|
||||||
|
}
|
||||||
|
ALERT node_systemd_service_failed
|
||||||
|
IF node_systemd_unit_state{state="failed"} == 1
|
||||||
|
FOR 4m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start.",
|
||||||
|
description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}."
|
||||||
|
}
|
||||||
|
ALERT node_filesystem_full_90percent
|
||||||
|
IF sort(node_filesystem_free{device!="ramfs"} < node_filesystem_size{device!="ramfs"} * 0.1) / 1024^3
|
||||||
|
FOR 5m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Filesystem is running out of space soon.",
|
||||||
|
description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 10% space left on its filesystem."
|
||||||
|
}
|
||||||
|
ALERT node_filesystem_full_in_4h
|
||||||
|
IF predict_linear(node_filesystem_free{device!="ramfs"}[1h], 4*3600) <= 0
|
||||||
|
FOR 5m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Filesystem is running out of space in 4 hours.",
|
||||||
|
description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 4 hours"
|
||||||
|
}
|
||||||
|
ALERT node_filedescriptors_full_in_3h
|
||||||
|
IF predict_linear(node_filefd_allocated[1h], 3*3600) >= node_filefd_maximum
|
||||||
|
FOR 20m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours.",
|
||||||
|
description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours"
|
||||||
|
}
|
||||||
|
ALERT node_load1_90percent
|
||||||
|
IF node_load1 / on(alias) count(node_cpu{mode="system"}) by (alias) >= 0.9
|
||||||
|
FOR 1h
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Running on high load.",
|
||||||
|
description = "{{$labels.alias}} is running with > 90% total load for at least 1h."
|
||||||
|
}
|
||||||
|
ALERT node_cpu_util_90percent
|
||||||
|
IF 100 - (avg by (alias) (irate(node_cpu{mode="idle"}[5m])) * 100) >= 90
|
||||||
|
FOR 1h
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: High CPU utilization.",
|
||||||
|
description = "{{$labels.alias}} has total CPU utilization over 90% for at least 1h."
|
||||||
|
}
|
||||||
|
ALERT node_ram_using_90percent
|
||||||
|
IF node_memory_MemFree + node_memory_Buffers + node_memory_Cached < node_memory_MemTotal * 0.1
|
||||||
|
FOR 30m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary="{{$labels.alias}}: Using lots of RAM.",
|
||||||
|
description="{{$labels.alias}} is using at least 90% of its RAM for at least 30 minutes now.",
|
||||||
|
}
|
||||||
|
''
|
||||||
|
];
|
||||||
|
scrapeConfigs = [
|
||||||
|
{
|
||||||
|
job_name = "node";
|
||||||
|
scrape_interval = "10s";
|
||||||
|
static_configs = [
|
||||||
|
{
|
||||||
|
targets = [
|
||||||
|
"localhost:9100"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
alias = "wolf.shack";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
targets = [
|
||||||
|
"localhost:9130"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
alias = "unifi.shack";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
targets = [
|
||||||
|
"10.42.22.184:9100" # puyak.shack
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
alias = "puyak.shack";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
targets = [
|
||||||
|
"phenylbutazon.shack:9100"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
alias = "phenylbutazon.shack";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
targets = [
|
||||||
|
"ibuprofen.shack:9100"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
alias = "ibuprofen.shack";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
alertmanager = {
|
||||||
|
enable = true;
|
||||||
|
listenAddress = "0.0.0.0";
|
||||||
|
configuration = {
|
||||||
|
"global" = {
|
||||||
|
"smtp_smarthost" = "smtp.example.com:587";
|
||||||
|
"smtp_from" = "alertmanager@example.com";
|
||||||
|
};
|
||||||
|
"route" = {
|
||||||
|
"group_by" = [ "alertname" "alias" ];
|
||||||
|
"group_wait" = "30s";
|
||||||
|
"group_interval" = "2m";
|
||||||
|
"repeat_interval" = "4h";
|
||||||
|
"receiver" = "team-admins";
|
||||||
|
};
|
||||||
|
"receivers" = [
|
||||||
|
{
|
||||||
|
"name" = "team-admins";
|
||||||
|
"email_configs" = [
|
||||||
|
{
|
||||||
|
"to" = "devnull@example.com";
|
||||||
|
"send_resolved" = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
"webhook_configs" = [
|
||||||
|
{
|
||||||
|
"url" = "https://example.com/prometheus-alerts";
|
||||||
|
"send_resolved" = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
10
krebs/2configs/shack/prometheus/unifi.nix
Normal file
10
krebs/2configs/shack/prometheus/unifi.nix
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
{lib, ... }:
|
||||||
|
{
|
||||||
|
services.prometheus.exporters.unifi = {
|
||||||
|
enable = true;
|
||||||
|
unifiAddress = "https://unifi.shack:8443/";
|
||||||
|
unifiInsecure = true;
|
||||||
|
unifiUsername = "prometheus"; # needed manual login after setup to confirm the password
|
||||||
|
unifiPassword = lib.replaceChars ["\n"] [""] (builtins.readFile <secrets/shack/unifi-prometheus-pw>);
|
||||||
|
};
|
||||||
|
}
|
33
krebs/2configs/shack/s3-power.nix
Normal file
33
krebs/2configs/shack/s3-power.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
pkg = pkgs.callPackage (
|
||||||
|
pkgs.fetchgit {
|
||||||
|
url = "https://git.shackspace.de/rz/s3-power";
|
||||||
|
rev = "b2b87b56bb40d714dbbecd1285566870b256aec4";
|
||||||
|
sha256 = "sha256:02wikwf3rgkkggwbwqisdvhlwd38w5pw011xhwvhnj114s3rynan";
|
||||||
|
}) {};
|
||||||
|
home = "/var/lib/s3-power";
|
||||||
|
cfg = toString <secrets/shack/s3-power.json>;
|
||||||
|
in {
|
||||||
|
users.users.s3_power = {
|
||||||
|
inherit home;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
systemd.services.s3-power = {
|
||||||
|
startAt = "daily";
|
||||||
|
description = "s3-power";
|
||||||
|
environment.CONFIG = "${home}/s3-power.json";
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
User = "s3_power";
|
||||||
|
ExecStartPre = pkgs.writeDash "s3-power-pre" ''
|
||||||
|
install -D -os3_power -m700 ${cfg} ${home}/s3-power.json
|
||||||
|
'';
|
||||||
|
WorkingDirectory = home;
|
||||||
|
PermissionsStartOnly = true;
|
||||||
|
ExecStart = "${pkg}/bin/s3-power";
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -236,6 +236,7 @@ in {
|
|||||||
"tracker.makefu.r"
|
"tracker.makefu.r"
|
||||||
"wiki.gum.r"
|
"wiki.gum.r"
|
||||||
"wiki.makefu.r"
|
"wiki.makefu.r"
|
||||||
|
"sick.makefu.r"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -288,12 +289,18 @@ in {
|
|||||||
ip4.addr = "10.243.189.130";
|
ip4.addr = "10.243.189.130";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
rockit = rec { # router@home
|
|
||||||
|
shackdev = rec { # router@shack
|
||||||
cores = 1;
|
cores = 1;
|
||||||
nets.wiregrill.ip4.addr = "10.244.245.2";
|
nets.wiregrill.ip4.addr = "10.244.245.2";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
rockit = rec { # router@home
|
||||||
|
cores = 1;
|
||||||
|
nets.wiregrill.ip4.addr = "10.244.245.3";
|
||||||
|
};
|
||||||
|
|
||||||
senderechner = rec {
|
senderechner = rec {
|
||||||
cores = 2;
|
cores = 2;
|
||||||
nets = {
|
nets = {
|
||||||
|
@ -1 +1 @@
|
|||||||
YmvTL4c13WS6f88ZAz2m/2deL2pnPXI0Ay3edCPE1Qc=
|
LPMs1h9+8ABqeZsS6xmHC7votPqpUT609XuktAhaik8=
|
||||||
|
1
krebs/3modules/makefu/wiregrill/shackdev.pub
Normal file
1
krebs/3modules/makefu/wiregrill/shackdev.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
YmvTL4c13WS6f88ZAz2m/2deL2pnPXI0Ay3edCPE1Qc=
|
@ -1,4 +1,4 @@
|
|||||||
{ name }: rec {
|
{ name, target ? name }: rec {
|
||||||
|
|
||||||
krops = ../submodules/krops;
|
krops = ../submodules/krops;
|
||||||
|
|
||||||
@ -63,7 +63,7 @@
|
|||||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
|
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
|
||||||
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
|
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
|
||||||
source = source { test = false; };
|
source = source { test = false; };
|
||||||
target = "root@${name}/var/src";
|
target = "root@${target}/var/src";
|
||||||
};
|
};
|
||||||
|
|
||||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
||||||
|
1
makefu/0tests/data/secrets/hass/citadel-bot.json
Normal file
1
makefu/0tests/data/secrets/hass/citadel-bot.json
Normal file
@ -0,0 +1 @@
|
|||||||
|
{}
|
0
makefu/0tests/data/secrets/hass/voicerss.apikey
Normal file
0
makefu/0tests/data/secrets/hass/voicerss.apikey
Normal file
@ -5,14 +5,14 @@ in {
|
|||||||
imports = [
|
imports = [
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
./hardware-config.nix
|
./hardware-config.nix
|
||||||
|
{ environment.systemPackages = with pkgs;[ rsync screen curl git tmux picocom mosh ];}
|
||||||
# <stockholm/makefu/2configs/tools/core.nix>
|
# <stockholm/makefu/2configs/tools/core.nix>
|
||||||
{ environment.systemPackages = with pkgs;[ rsync screen curl git ];}
|
|
||||||
<stockholm/makefu/2configs/binary-cache/nixos.nix>
|
<stockholm/makefu/2configs/binary-cache/nixos.nix>
|
||||||
#<stockholm/makefu/2configs/support-nixos.nix>
|
#<stockholm/makefu/2configs/support-nixos.nix>
|
||||||
<stockholm/makefu/2configs/homeautomation/default.nix>
|
<stockholm/makefu/2configs/homeautomation/default.nix>
|
||||||
<stockholm/makefu/2configs/homeautomation/google-muell.nix>
|
<stockholm/makefu/2configs/homeautomation/google-muell.nix>
|
||||||
# configure your hw:
|
# configure your hw:
|
||||||
# <stockholm/makefu/2configs/save-diskspace.nix>
|
# <stockholm/makefu/2configs/save-diskspace.nix>
|
||||||
];
|
];
|
||||||
krebs = {
|
krebs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -24,5 +24,4 @@ in {
|
|||||||
documentation.man.enable = false;
|
documentation.man.enable = false;
|
||||||
services.nixosManual.enable = false;
|
services.nixosManual.enable = false;
|
||||||
sound.enable = false;
|
sound.enable = false;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -48,7 +48,6 @@ in {
|
|||||||
hardware.cpu.amd.updateMicrocode = true;
|
hardware.cpu.amd.updateMicrocode = true;
|
||||||
|
|
||||||
zramSwap.enable = true;
|
zramSwap.enable = true;
|
||||||
zramSwap.numDevices = 2;
|
|
||||||
|
|
||||||
makefu.snapraid = let
|
makefu.snapraid = let
|
||||||
toMedia = name: "/media/" + name;
|
toMedia = name: "/media/" + name;
|
||||||
|
25
makefu/1systems/firecracker/config.nix
Normal file
25
makefu/1systems/firecracker/config.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
primaryInterface = "eth0";
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
<stockholm/makefu>
|
||||||
|
./hardware-config.nix
|
||||||
|
# <stockholm/makefu/2configs/tools/core.nix>
|
||||||
|
{ environment.systemPackages = with pkgs;[ rsync screen curl git ];}
|
||||||
|
<stockholm/makefu/2configs/binary-cache/nixos.nix>
|
||||||
|
#<stockholm/makefu/2configs/support-nixos.nix>
|
||||||
|
# configure your hw:
|
||||||
|
# <stockholm/makefu/2configs/save-diskspace.nix>
|
||||||
|
];
|
||||||
|
krebs = {
|
||||||
|
enable = true;
|
||||||
|
tinc.retiolum.enable = true;
|
||||||
|
build.host = config.krebs.hosts.firecracker;
|
||||||
|
};
|
||||||
|
networking.firewall.trustedInterfaces = [ primaryInterface ];
|
||||||
|
documentation.info.enable = false;
|
||||||
|
documentation.man.enable = false;
|
||||||
|
services.nixosManual.enable = false;
|
||||||
|
sound.enable = false;
|
||||||
|
}
|
30
makefu/1systems/firecracker/hardware-config.nix
Normal file
30
makefu/1systems/firecracker/hardware-config.nix
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
boot.kernelParams = lib.mkForce ["console=ttyS2,1500000n8" "earlycon=uart8250,mmio32,0xff1a0000" "earlyprintk"];
|
||||||
|
boot.loader.grub.enable = false;
|
||||||
|
boot.loader.generic-extlinux-compatible.enable = true;
|
||||||
|
boot.loader.generic-extlinux-compatible.configurationLimit = 1;
|
||||||
|
boot.loader.generationsDir.enable = lib.mkDefault false;
|
||||||
|
boot.supportedFilesystems = lib.mkForce [ "vfat" ];
|
||||||
|
|
||||||
|
boot.tmpOnTmpfs = lib.mkForce false;
|
||||||
|
boot.cleanTmpDir = true;
|
||||||
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
|
## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
networking.wireless.enable = true;
|
||||||
|
# File systems configuration for using the installer's partition layout
|
||||||
|
swapDevices = [ { device = "/var/swap"; size = 4096; } ];
|
||||||
|
fileSystems = {
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_BOOT";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
4
makefu/1systems/firecracker/source.nix
Normal file
4
makefu/1systems/firecracker/source.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{
|
||||||
|
name="cake";
|
||||||
|
full = true;
|
||||||
|
}
|
@ -97,6 +97,24 @@ in {
|
|||||||
# sharing
|
# sharing
|
||||||
<stockholm/makefu/2configs/share/gum.nix>
|
<stockholm/makefu/2configs/share/gum.nix>
|
||||||
<stockholm/makefu/2configs/torrent.nix>
|
<stockholm/makefu/2configs/torrent.nix>
|
||||||
|
{ services.sickbeard = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.sickgear;
|
||||||
|
user = "sickbeard";
|
||||||
|
group = "download";
|
||||||
|
port = 8280;
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."sick.makefu.r" = {
|
||||||
|
locations."/".proxyPass = http://localhost:8280;
|
||||||
|
extraConfig = ''
|
||||||
|
if ( $server_addr = "${external-ip}" ) {
|
||||||
|
return 403;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
users.users.sickbeard.extraGroups = [ "nginx" ];
|
||||||
|
}
|
||||||
|
{ nixpkgs.config.allowUnfree = true; }
|
||||||
#<stockholm/makefu/2configs/retroshare.nix>
|
#<stockholm/makefu/2configs/retroshare.nix>
|
||||||
## <stockholm/makefu/2configs/ipfs.nix>
|
## <stockholm/makefu/2configs/ipfs.nix>
|
||||||
#<stockholm/makefu/2configs/syncthing.nix>
|
#<stockholm/makefu/2configs/syncthing.nix>
|
||||||
@ -111,6 +129,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/iodined.nix>
|
<stockholm/makefu/2configs/iodined.nix>
|
||||||
<stockholm/makefu/2configs/bitlbee.nix>
|
<stockholm/makefu/2configs/bitlbee.nix>
|
||||||
<stockholm/makefu/2configs/wireguard/server.nix>
|
<stockholm/makefu/2configs/wireguard/server.nix>
|
||||||
|
<stockholm/makefu/2configs/wireguard/wiregrill.nix>
|
||||||
|
|
||||||
# Removed until move: no extra mails
|
# Removed until move: no extra mails
|
||||||
<stockholm/makefu/2configs/urlwatch>
|
<stockholm/makefu/2configs/urlwatch>
|
||||||
@ -153,11 +172,17 @@ in {
|
|||||||
|
|
||||||
makefu.dl-dir = "/var/download";
|
makefu.dl-dir = "/var/download";
|
||||||
|
|
||||||
services.openssh.hostKeys = [
|
services.openssh.hostKeys = lib.mkForce [
|
||||||
{ bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; }
|
{ bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; }
|
||||||
{ path = (toString <secrets/ssh_host_ed25519_key>); type = "ed25519"; } ];
|
{ path = (toString <secrets/ssh_host_ed25519_key>); type = "ed25519"; } ];
|
||||||
###### stable
|
###### stable
|
||||||
services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
|
|
||||||
|
services.nginx.virtualHosts."cgit.euer.krebsco.de" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/".proxyPass = "http://cgit.gum.r";
|
||||||
|
};
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.gum;
|
krebs.build.host = config.krebs.hosts.gum;
|
||||||
|
|
||||||
# Network
|
# Network
|
||||||
|
@ -41,7 +41,7 @@ in {
|
|||||||
boot.loader.grub.enable = true;
|
boot.loader.grub.enable = true;
|
||||||
boot.loader.grub.version = 2;
|
boot.loader.grub.version = 2;
|
||||||
boot.loader.grub.devices = [ main-disk ];
|
boot.loader.grub.devices = [ main-disk ];
|
||||||
boot.initrd.kernelModules = [ "dm-raid" "dm_cache" ];
|
boot.initrd.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" ];
|
||||||
boot.initrd.availableKernelModules = [
|
boot.initrd.availableKernelModules = [
|
||||||
"ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci"
|
"ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci"
|
||||||
"xhci_pci" "ehci_pci" "ahci" "sd_mod"
|
"xhci_pci" "ehci_pci" "ahci" "sd_mod"
|
||||||
@ -67,7 +67,7 @@ in {
|
|||||||
fileSystems."/var/www/binaergewitter" = {
|
fileSystems."/var/www/binaergewitter" = {
|
||||||
device = "/dev/nixos/binaergewitter";
|
device = "/dev/nixos/binaergewitter";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
options = [ "nofail" "x-systemd.automount" "x-systemd.device-timeout=5s" "x-systemd.mount-timeout=5s" ];
|
options = [ "nofail" ];
|
||||||
};
|
};
|
||||||
fileSystems."/var/lib/borgbackup" = {
|
fileSystems."/var/lib/borgbackup" = {
|
||||||
device = "/dev/nixos/backup";
|
device = "/dev/nixos/backup";
|
||||||
|
40
makefu/1systems/sdcard/config.nix
Normal file
40
makefu/1systems/sdcard/config.nix
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
kernel = pkgs.callPackage ./kernel.nix {
|
||||||
|
kernelPatches = with pkgs.kernelPatches; [
|
||||||
|
# kernelPatches.bridge_stp_helper
|
||||||
|
# kernelPatches.modinst_arg_list_too_long
|
||||||
|
];
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<nixpkgs/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix>
|
||||||
|
# <stockholm/makefu/2configs/minimal.nix>
|
||||||
|
];
|
||||||
|
# TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
|
||||||
|
# cd ~/stockholm ; nix build config.system.build.sdImage -I nixos-config=makefu/1systems/sdcard/config.nix -f /home/makefu/nixpkgs/nixos
|
||||||
|
|
||||||
|
boot.kernelParams = ["console=ttyS2,1500000" "earlycon=uart8250,mmio32,0xff1a0000"];
|
||||||
|
# boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
boot.kernelPackages = pkgs.linuxPackagesFor kernel;
|
||||||
|
boot.supportedFilesystems = lib.mkForce [ "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
|
||||||
|
|
||||||
|
# krebs.hidden-ssh.enable = true;
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
aria2
|
||||||
|
ddrescue
|
||||||
|
];
|
||||||
|
environment.extraInit = ''
|
||||||
|
EDITOR=vim
|
||||||
|
'';
|
||||||
|
# iso-specific
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
hostKeys = [
|
||||||
|
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
# enable ssh in the iso boot process
|
||||||
|
systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
|
||||||
|
}
|
15
makefu/1systems/sdcard/kernel.nix
Normal file
15
makefu/1systems/sdcard/kernel.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ fetchFromGitLab, buildLinux, ... } @ args:
|
||||||
|
buildLinux (args // rec {
|
||||||
|
version = "4.4.55";
|
||||||
|
modDirVersion = "4.4.55";
|
||||||
|
extraMeta.branch = "4.4";
|
||||||
|
defconfig = "firefly_linux_defconfig";
|
||||||
|
|
||||||
|
src = fetchFromGitLab {
|
||||||
|
owner = "TeeFirefly";
|
||||||
|
repo = "linux-kernel";
|
||||||
|
rev = "firefly_0821_release";
|
||||||
|
sha256 = "1fwj9cm5ysz286znrr3fyrhfn903m84i7py4rv3y3h9avxb3zl1r";
|
||||||
|
};
|
||||||
|
extraMeta.platforms = [ "aarch64-linux" ];
|
||||||
|
} // (args.argsOverride or {}))
|
3
makefu/1systems/sdcard/source.nix
Normal file
3
makefu/1systems/sdcard/source.nix
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
{
|
||||||
|
name="iso";
|
||||||
|
}
|
@ -16,15 +16,16 @@ in {
|
|||||||
<stockholm/makefu/2configs/tools/core-gui.nix>
|
<stockholm/makefu/2configs/tools/core-gui.nix>
|
||||||
<stockholm/makefu/2configs/tools/extra-gui.nix>
|
<stockholm/makefu/2configs/tools/extra-gui.nix>
|
||||||
<stockholm/makefu/2configs/tools/media.nix>
|
<stockholm/makefu/2configs/tools/media.nix>
|
||||||
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
# <stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
||||||
|
# <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
<stockholm/makefu/2configs/mqtt.nix>
|
|
||||||
<stockholm/makefu/2configs/gui/wbob-kiosk.nix>
|
<stockholm/makefu/2configs/gui/wbob-kiosk.nix>
|
||||||
|
|
||||||
# <stockholm/makefu/2configs/gui/studio-virtual.nix>
|
# <stockholm/makefu/2configs/gui/studio-virtual.nix>
|
||||||
# <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
|
# <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
|
||||||
# <stockholm/makefu/2configs/audio/realtime-audio.nix>
|
# <stockholm/makefu/2configs/audio/realtime-audio.nix>
|
||||||
# <stockholm/makefu/2configs/vncserver.nix>
|
# <stockholm/makefu/2configs/vncserver.nix>
|
||||||
|
<stockholm/makefu/2configs/logging/server.nix>
|
||||||
|
|
||||||
# Services
|
# Services
|
||||||
# <stockholm/makefu/2configs/hydra/stockholm.nix>
|
# <stockholm/makefu/2configs/hydra/stockholm.nix>
|
||||||
@ -33,7 +34,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/bluetooth-mpd.nix>
|
<stockholm/makefu/2configs/bluetooth-mpd.nix>
|
||||||
|
|
||||||
# Sensors
|
# Sensors
|
||||||
<stockholm/makefu/2configs/stats/client.nix>
|
# <stockholm/makefu/2configs/stats/client.nix>
|
||||||
<stockholm/makefu/2configs/stats/collectd-client.nix>
|
<stockholm/makefu/2configs/stats/collectd-client.nix>
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
||||||
@ -44,16 +45,10 @@ in {
|
|||||||
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
|
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
|
||||||
{ environment.systemPackages = [ pkgs.vlc ]; }
|
{ environment.systemPackages = [ pkgs.vlc ]; }
|
||||||
|
|
||||||
{
|
<stockholm/makefu/2configs/bureautomation> # new hass entry point
|
||||||
# Risikoübernahme
|
|
||||||
nixpkgs.config.permittedInsecurePackages = [
|
|
||||||
"homeassistant-0.77.2"
|
|
||||||
];
|
|
||||||
}
|
|
||||||
<stockholm/makefu/2configs/bureautomation>
|
|
||||||
<stockholm/makefu/2configs/bureautomation/led-fader.nix>
|
<stockholm/makefu/2configs/bureautomation/led-fader.nix>
|
||||||
<stockholm/makefu/2configs/bureautomation/mpd.nix>
|
# <stockholm/makefu/2configs/bureautomation/mpd.nix> #mpd is only used for TTS
|
||||||
<stockholm/makefu/2configs/bureautomation/hass.nix>
|
<stockholm/makefu/2configs/mqtt.nix>
|
||||||
(let
|
(let
|
||||||
collectd-port = 25826;
|
collectd-port = 25826;
|
||||||
influx-port = 8086;
|
influx-port = 8086;
|
||||||
@ -85,6 +80,7 @@ in {
|
|||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
|
||||||
|
<stockholm/makefu/2configs/backup/state.nix>
|
||||||
# temporary
|
# temporary
|
||||||
# <stockholm/makefu/2configs/temp/rst-issue.nix>
|
# <stockholm/makefu/2configs/temp/rst-issue.nix>
|
||||||
];
|
];
|
||||||
@ -106,6 +102,7 @@ in {
|
|||||||
|
|
||||||
LoadPlugin curl
|
LoadPlugin curl
|
||||||
<Plugin curl>
|
<Plugin curl>
|
||||||
|
Interval 300
|
||||||
TotalTime true
|
TotalTime true
|
||||||
NamelookupTime true
|
NamelookupTime true
|
||||||
ConnectTime true
|
ConnectTime true
|
||||||
|
15
makefu/2configs/Reaktor/bgt.nix
Normal file
15
makefu/2configs/Reaktor/bgt.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
krebs.Reaktor.reaktor-bgt = {
|
||||||
|
nickname = "Reaktor|bgt";
|
||||||
|
workdir = "/var/lib/Reaktor/bgt";
|
||||||
|
channels = [ "#binaergewitter" ];
|
||||||
|
plugins = with pkgs.ReaktorPlugins;
|
||||||
|
[ titlebot
|
||||||
|
# stockholm-issue
|
||||||
|
nixos-version
|
||||||
|
# shack-correct
|
||||||
|
# sed-plugin
|
||||||
|
random-emoji ];
|
||||||
|
};
|
||||||
|
}
|
@ -1,154 +0,0 @@
|
|||||||
[
|
|
||||||
{ alias = "start Felix 10h";
|
|
||||||
trigger = {
|
|
||||||
platform = "state";
|
|
||||||
entity_id = [ "device_tracker.felix_phone" "device_tracker.felix_laptop" ];
|
|
||||||
from = "not_home";
|
|
||||||
to = "home";
|
|
||||||
};
|
|
||||||
condition = {
|
|
||||||
condition = "and";
|
|
||||||
conditions = [
|
|
||||||
{
|
|
||||||
condition = "state";
|
|
||||||
entity_id = "timer.felix_10h";
|
|
||||||
state = "idle";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
condition = "time";
|
|
||||||
after = "06:00:00";
|
|
||||||
before = "12:00:00";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
action = [
|
|
||||||
{ service = "timer.start";
|
|
||||||
entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ] ;
|
|
||||||
}
|
|
||||||
{ service = "homeassistant.turn_on";
|
|
||||||
entity_id = [
|
|
||||||
"script.buzz_red_led_fast"
|
|
||||||
"script.blitz_10s"
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{ service = "light.turn_on";
|
|
||||||
data = {
|
|
||||||
effect = "2";
|
|
||||||
entity_id = [ "light.status_felix" ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
{ alias = "Disable Felix timer at button press";
|
|
||||||
trigger = {
|
|
||||||
platform = "state";
|
|
||||||
entity_id = "binary_sensor.redbutton";
|
|
||||||
to = "on";
|
|
||||||
};
|
|
||||||
condition = {
|
|
||||||
condition = "and";
|
|
||||||
conditions = [
|
|
||||||
{
|
|
||||||
condition = "state";
|
|
||||||
entity_id = "timer.felix_10h";
|
|
||||||
state = "active";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
condition = "time";
|
|
||||||
after = "12:00:00";
|
|
||||||
before = "22:00:00";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
action =
|
|
||||||
[
|
|
||||||
{
|
|
||||||
service = "timer.cancel";
|
|
||||||
entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
service = "homeassistant.turn_on";
|
|
||||||
entity_id = [ "script.buzz_red_led_fast" ];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
service = "homeassistant.turn_off";
|
|
||||||
entity_id = [ "light.status_felix" ];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
{
|
|
||||||
alias = "Genug gearbeitet Felix";
|
|
||||||
trigger =
|
|
||||||
{
|
|
||||||
platform = "event";
|
|
||||||
event_type = "timer.finished";
|
|
||||||
event_data.entity_id = "timer.felix_7h";
|
|
||||||
};
|
|
||||||
action =
|
|
||||||
[
|
|
||||||
{ service = "light.turn_on";
|
|
||||||
data = {
|
|
||||||
rgb_color= [0 255 0];
|
|
||||||
# effect = "0";
|
|
||||||
entity_id = [ "light.status_felix" ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
{
|
|
||||||
alias = "nun aber nach hause";
|
|
||||||
trigger =
|
|
||||||
{
|
|
||||||
platform = "event";
|
|
||||||
event_type = "timer.finished";
|
|
||||||
event_data.entity_id = "timer.felix_8_30h";
|
|
||||||
};
|
|
||||||
action =
|
|
||||||
[
|
|
||||||
{ service = "light.turn_on";
|
|
||||||
data = {
|
|
||||||
rgb_color= [255 255 0];
|
|
||||||
# effect = "0";
|
|
||||||
entity_id = [ "light.status_felix" ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
{
|
|
||||||
alias = "Zu lange Felix!";
|
|
||||||
trigger =
|
|
||||||
{
|
|
||||||
platform = "event";
|
|
||||||
event_type = "timer.finished";
|
|
||||||
event_data.entity_id = "timer.felix_10h";
|
|
||||||
};
|
|
||||||
action =
|
|
||||||
[
|
|
||||||
{
|
|
||||||
service = "notify.telegrambot";
|
|
||||||
data = {
|
|
||||||
title = "Zu lange Felix!";
|
|
||||||
message = "Du bist schon 10 Stunden auf Arbeit, geh jetzt gefälligst nach Hause!";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
service = "homeassistant.turn_on";
|
|
||||||
entity_id = [
|
|
||||||
"script.buzz_red_led"
|
|
||||||
"script.blitz_10s"
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{ service = "light.turn_on";
|
|
||||||
data = {
|
|
||||||
rgb_color= [255 0 0];
|
|
||||||
effect = "0";
|
|
||||||
entity_id = [ "light.status_felix" ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
]
|
|
@ -23,19 +23,11 @@
|
|||||||
item.partymode = "music";
|
item.partymode = "music";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
|
||||||
service = "tts.google_say";
|
|
||||||
entity_id = "media_player.kodi";
|
|
||||||
data = {
|
|
||||||
message = "Willkommen in deinem Lieblingsbüro";
|
|
||||||
language = "de";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
service = "notify.telegrambot";
|
service = "notify.telegrambot";
|
||||||
data = {
|
data = {
|
||||||
title = "Bureau Startup";
|
title = "Bureau Startup";
|
||||||
message = "Willkommen {{ trigger.platform }}";
|
message = "Das Büro wurde eröffnet";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
74
makefu/2configs/bureautomation/automation/schlechteluft.nix
Normal file
74
makefu/2configs/bureautomation/automation/schlechteluft.nix
Normal file
@ -0,0 +1,74 @@
|
|||||||
|
let
|
||||||
|
long_threshold = 30;
|
||||||
|
in [
|
||||||
|
{
|
||||||
|
alias = "Bad Air Alarm 60 seconds";
|
||||||
|
trigger =
|
||||||
|
{ platform = "numeric_state";
|
||||||
|
entity_id = "sensor.air_quality";
|
||||||
|
above = 1523;
|
||||||
|
for.seconds = 60;
|
||||||
|
};
|
||||||
|
condition = {
|
||||||
|
condition = "and";
|
||||||
|
conditions = [
|
||||||
|
{ condition = "state";
|
||||||
|
entity_id = "group.team";
|
||||||
|
state = "home";
|
||||||
|
}
|
||||||
|
{ condition = "time";
|
||||||
|
after = "06:00:00";
|
||||||
|
before = "20:00:00";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
action = [
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
entity_id = [
|
||||||
|
"script.schlechteluft"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{
|
||||||
|
alias = "Bad Air Alarm ${toString long_threshold} Minutes";
|
||||||
|
trigger =
|
||||||
|
{ platform = "numeric_state";
|
||||||
|
entity_id = "sensor.air_quality";
|
||||||
|
above = 1523;
|
||||||
|
for.minutes = long_threshold;
|
||||||
|
};
|
||||||
|
condition = {
|
||||||
|
condition = "and";
|
||||||
|
conditions = [
|
||||||
|
{ condition = "state";
|
||||||
|
entity_id = "group.team";
|
||||||
|
state = "home";
|
||||||
|
}
|
||||||
|
{ condition = "time";
|
||||||
|
after = "06:00:00";
|
||||||
|
before = "20:00:00";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
action = [
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
entity_id = [
|
||||||
|
"script.schlechteluft"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{ service = "tts.google_say";
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
data_template = {
|
||||||
|
message = "BEEP BEEP - Die luft ist schon ${toString long_threshold} Minuten schlecht! Student Nummer {{ range(1,500) | random }}, öffne ein Fenster.";
|
||||||
|
language = "de";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ service = "notify.matrix_notify";
|
||||||
|
data_template.message = "Schlechte Luft Alarm seit ${toString long_threshold} Minuten ({{states.sensor.air_quality.state_with_unit}})!";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
]
|
194
makefu/2configs/bureautomation/combination/10h_timers.nix
Normal file
194
makefu/2configs/bureautomation/combination/10h_timers.nix
Normal file
@ -0,0 +1,194 @@
|
|||||||
|
{lib, ... }:
|
||||||
|
let
|
||||||
|
persons = [ "frank" "daniel" "thorsten" "carsten" "thierry" "ecki" "felix"
|
||||||
|
"anthony" # antony
|
||||||
|
"thierry" # tjeri
|
||||||
|
];
|
||||||
|
random_zu_lange = name: ''{{ [
|
||||||
|
"Du musst jetzt endlich nach Hause gehen ${name}!",
|
||||||
|
"${name} - 10 Stunden sind rum, bald schenkst du den Franzosen deine Lebenszeit",
|
||||||
|
"Nur eine Minute über 10 Stunden kann zu einer Stunde Arbeit für Thorsten werden, ${name}.",
|
||||||
|
"In 10 Minuten kommt dich der Security Mann holen, ${name}",
|
||||||
|
"Das Sandmännchen ist schon vorbei, gleich fallen dir die Augen zu ${name}.",
|
||||||
|
"Wenn ${name} sofort los geht, dann ist er noch rechtzeitig für den Tatort zu Hause.",
|
||||||
|
"${name} muss jetzt gehen, sonst verpasst er die Tagesschau!",
|
||||||
|
"Es ist spät ${name}. Ausstempeln hilft zwar kurzfristig, kann aber zu langfristigen Problemen führen.",
|
||||||
|
"${name}, wenn du nach zehn Stunden nach Hause gehst, muss dir dein Vorgesetzter ein Taxi bestellen",
|
||||||
|
"${name}, wenn du nach zehn Stunden nach Hause gehst, bist du auf dem Rückweg nicht mehr versichert!",
|
||||||
|
"Zu lange, ${name}!" ] | random }}'' ;
|
||||||
|
|
||||||
|
|
||||||
|
random_announce = name: ''{{ [
|
||||||
|
"${name} is in da House",
|
||||||
|
"Ahoi ${name}",
|
||||||
|
"Moinsen ${name}",
|
||||||
|
"Moin Moin ${name}",
|
||||||
|
"Palim, Palim ${name}",
|
||||||
|
"Vorwärts Genosse ${name}",
|
||||||
|
"Gemeinsame Grüße, Genosse ${name}",
|
||||||
|
"Sozialistische Grüße, Genosse ${name}",
|
||||||
|
"Konzentrierte Grüße, Genosse ${name}",
|
||||||
|
"Ach, der ${name} ist auch wieder da...",
|
||||||
|
"Nicht ${name} schon wieder",
|
||||||
|
"Tri tra tralala, der ${name} ist wieder da.",
|
||||||
|
"Na sieh mal einer an, ${name} hat es auch her geschafft",
|
||||||
|
"Wer ist im Büro eingetroffen? ${name} ist es!",
|
||||||
|
"Willkommen in deinem Lieblingsbüro, ${name}.",
|
||||||
|
"Klopf, Klopf, wer ist da? ${name} ist da!",
|
||||||
|
"Messer, Gabel, Schere, Licht sind für kleinen ${name} nicht.",
|
||||||
|
"Ich kenne ein Geheimnis, ${name} ist angekommen",
|
||||||
|
"Wir sind ${name}. Sie werden assimiliert werden",
|
||||||
|
"Achtung, es erfolgt eine Durchsage. ${name} ist eingetroffen",
|
||||||
|
"Die Scanner haben eine dem System bekannte Lebensform mit dem Namen ${name} detektiert",
|
||||||
|
"Das Büro sieht dich, ${name}",
|
||||||
|
"Das Büro riecht dich, ${name}",
|
||||||
|
"Im Kalender von ${name} sind heute acht Meetings eingeplant, von denen zwei bereits verpasst wurden",
|
||||||
|
"Das Postfach von ${name} beinhaltet einhundertachtundzwanzig ungelesene E-Mails.",
|
||||||
|
"Nachricht von Serge: ${name}, bitte melden Sie sich Umgehend bei mir im Büro!",
|
||||||
|
"Luftqualität hat sich durch das Eintreffen von ${name} um zweihunder Punkte verschlechtert, bitte alle Fenster öffnen.",
|
||||||
|
"Die Tür geht auf, wer mag das sein? Schon schreitet hier der ${name} ein. Das Volk, es jubelt, Dirnen schmachten. Fürs Festmahl beginnt man schon zu schlachten. Er wird nur nach dem besten streben! Der ${name}, er soll lange leben!",
|
||||||
|
"${name} arbeitet gern für seinen Konzern",
|
||||||
|
"${name} ist nur froh im Großraumbüro",
|
||||||
|
"Für ${name} ist die schönste Zeit ... die Arbeit",
|
||||||
|
"Ein Fleißbienchen für ${name} zum rechtzeitigen Erscheinen im Büro",
|
||||||
|
"${name} ist heute wohl doch nicht im Office Home",
|
||||||
|
"${name} ist bereit für einen Tag voller Meetings",
|
||||||
|
"Und es startet für ${name} wieder ein Tag im Paradies",
|
||||||
|
"Lieber ${name}, Markus Keck hat dich bereits drei mal Versucht anzurufen!",
|
||||||
|
"Trotz schwerer Männergrippe ist ${name} heute im Büro erschienen.",
|
||||||
|
"${name} kenne keine Parteien mehr, ${name} kenne nur noch Arbeitsplätze",
|
||||||
|
"${name}, Frage nicht, was dein Arbeitsplatz für dich tun kann. Frage, was du für deinen Arbeitsplatz tun kannst",
|
||||||
|
"${name} läuft bis in den Jemen - für sein Unternehmen. ${name} schwimmt bis nach Birma - für meine Firma",
|
||||||
|
"Der Cyberian ${name} ist gekommen um die Bahnwelt vor Cyber-Angriffen zu schützen",
|
||||||
|
"Alles paletto im Ghetto, ${name}?",
|
||||||
|
"Hach, ${name}, wenn du hier rein kommst fühlt es sich gleich wieder an wie Montag.",
|
||||||
|
"Oh nein, nicht schon wieder ${name}",
|
||||||
|
"Wer wohnt in der Ananas ganz tief im Meer? ${name} Schwammkopf!",
|
||||||
|
"Arbeit ist Freizeit! Wachstum ist Fortschritt! Sicherheit ist Freiheit! Eine kleine Erinnerung für ${name}"] | random }}'' ;
|
||||||
|
tmr_10h = name: {
|
||||||
|
"${name}_10h" = {
|
||||||
|
name = "${name} 10h Timer";
|
||||||
|
duration = "10:00:00";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
zu_lange_user = name:
|
||||||
|
{ "zu_lange_${name}" = {
|
||||||
|
alias = "Random Zu Lange ${name}";
|
||||||
|
|
||||||
|
sequence = [
|
||||||
|
{ service = "media_player.play_media";
|
||||||
|
data = {
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
media_content_type = "playlist";
|
||||||
|
media_content_id = "ansage";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ delay.seconds = 5; }
|
||||||
|
{ service = "tts.google_say";
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
data_template = {
|
||||||
|
message = random_zu_lange name;
|
||||||
|
language = "de";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
announce_user = name:
|
||||||
|
{ "announce_${name}" = {
|
||||||
|
alias = "Random Announce ${name}";
|
||||||
|
sequence = [
|
||||||
|
{ delay.seconds = 7; }
|
||||||
|
{ service = "media_player.play_media";
|
||||||
|
data = {
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
media_content_type = "playlist";
|
||||||
|
media_content_id = "ansage";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ delay.seconds = 4; }
|
||||||
|
{ service = "tts.google_say";
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
data_template = {
|
||||||
|
message = random_announce name;
|
||||||
|
language = "de";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
automation_10h = name: [
|
||||||
|
{ alias = "start ${name} 10h";
|
||||||
|
trigger = {
|
||||||
|
platform = "state";
|
||||||
|
# TODO: ecki
|
||||||
|
entity_id = [ "device_tracker.${name}_phone"];
|
||||||
|
from = "not_home";
|
||||||
|
to = "home";
|
||||||
|
};
|
||||||
|
condition = {
|
||||||
|
condition = "and";
|
||||||
|
conditions = [
|
||||||
|
{
|
||||||
|
condition = "state";
|
||||||
|
entity_id = "timer.${name}_10h";
|
||||||
|
state = "idle";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
condition = "time";
|
||||||
|
after = "06:00:00";
|
||||||
|
before = "12:00:00";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
action = [
|
||||||
|
{ service = "timer.start";
|
||||||
|
entity_id = [ "timer.${name}_10h" ] ;
|
||||||
|
}
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
entity_id = [
|
||||||
|
# "script.buzz_${name}"
|
||||||
|
"script.blitz_10s"
|
||||||
|
"script.announce_${name}"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
{ alias = "Zu lange ${name}!";
|
||||||
|
trigger =
|
||||||
|
{
|
||||||
|
platform = "event";
|
||||||
|
event_type = "timer.finished";
|
||||||
|
event_data.entity_id = "timer.${name}_10h";
|
||||||
|
};
|
||||||
|
|
||||||
|
condition =
|
||||||
|
{
|
||||||
|
condition = "state";
|
||||||
|
entity_id = "device_tracker.${name}_phone";
|
||||||
|
state = "home";
|
||||||
|
};
|
||||||
|
|
||||||
|
action =
|
||||||
|
[
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
entity_id = [
|
||||||
|
"script.blitz_10s"
|
||||||
|
"script.zu_lange_${name}"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
in
|
||||||
|
{
|
||||||
|
timer =lib.fold lib.recursiveUpdate {}
|
||||||
|
(map tmr_10h persons);
|
||||||
|
automation = (lib.flatten (map automation_10h persons));
|
||||||
|
script = lib.fold lib.recursiveUpdate {} (
|
||||||
|
(map (p: announce_user p) persons) ++
|
||||||
|
(map (p: zu_lange_user p) persons)
|
||||||
|
);
|
||||||
|
}
|
3
makefu/2configs/bureautomation/combination/README.md
Normal file
3
makefu/2configs/bureautomation/combination/README.md
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# Combination Folder
|
||||||
|
files return a dictionary of different types used in home-assistant instead of
|
||||||
|
a single thing.
|
65
makefu/2configs/bureautomation/combination/matrix.nix
Normal file
65
makefu/2configs/bureautomation/combination/matrix.nix
Normal file
@ -0,0 +1,65 @@
|
|||||||
|
{ lib, ... }:
|
||||||
|
#matrix:
|
||||||
|
# password: supersecurepassword
|
||||||
|
# rooms:
|
||||||
|
# - "#hasstest:matrix.org"
|
||||||
|
# commands:
|
||||||
|
# - word: my_command
|
||||||
|
# name: my_command
|
||||||
|
let
|
||||||
|
mom_room = "!kTQjvTQvfVsvfEtmth:thales.citadel.team";
|
||||||
|
in {
|
||||||
|
matrix =
|
||||||
|
{
|
||||||
|
# secrets:
|
||||||
|
# homeserver, username, password
|
||||||
|
homeserver = "https://ext01.citadel.team";
|
||||||
|
rooms = [
|
||||||
|
mom_room
|
||||||
|
];
|
||||||
|
commands = [
|
||||||
|
{
|
||||||
|
# alternative: expression for regexp
|
||||||
|
word = "version";
|
||||||
|
name = "version";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
word = "luftqualität";
|
||||||
|
name = "luftqualitaet";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
} // (builtins.fromJSON (builtins.readFile
|
||||||
|
<secrets/hass/citadel-bot.json>));
|
||||||
|
automation = [
|
||||||
|
{
|
||||||
|
alias = "React to !version";
|
||||||
|
trigger = {
|
||||||
|
platform = "event";
|
||||||
|
event_type = "matrix_command";
|
||||||
|
event_data.command = "version";
|
||||||
|
};
|
||||||
|
action = {
|
||||||
|
service = "notify.matrix_notify";
|
||||||
|
data_template.message = "Running home-assistant {{states.sensor.current_version.state}}";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
alias = "React to !luftqualität";
|
||||||
|
trigger = {
|
||||||
|
platform = "event";
|
||||||
|
event_type = "matrix_command";
|
||||||
|
event_data.command = "luftqualitaet";
|
||||||
|
};
|
||||||
|
action = {
|
||||||
|
service = "notify.matrix_notify";
|
||||||
|
data_template.message = "Temp: {{states.sensor.easy2_dht22_temperature.state_with_unit}} Hum:{{states.sensor.easy2_dht22_humidity.state_with_unit}} airquality:{{states.sensor.air_quality.state_with_unit}}";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
];
|
||||||
|
notify = [{
|
||||||
|
name = "matrix_notify";
|
||||||
|
platform = "matrix";
|
||||||
|
default_room = mom_room;
|
||||||
|
}];
|
||||||
|
}
|
89
makefu/2configs/bureautomation/combination/mittagessen.nix
Normal file
89
makefu/2configs/bureautomation/combination/mittagessen.nix
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
{ lib, ... }:
|
||||||
|
let
|
||||||
|
# TODO: remove redundant code (from multi_blink) via lib
|
||||||
|
flash_entity = { entity, delay ? 500, count ? 4, alias ? "${entity}_blink_${toString count}_${toString delay}" }:
|
||||||
|
{
|
||||||
|
inherit alias;
|
||||||
|
sequence = lib.flatten (builtins.genList (i: [
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
data.entity_id = entity;
|
||||||
|
}
|
||||||
|
{ delay.milliseconds = delay; }
|
||||||
|
{ service = "homeassistant.turn_off";
|
||||||
|
data.entity_id = entity;
|
||||||
|
}
|
||||||
|
{ delay.milliseconds = delay; }
|
||||||
|
]
|
||||||
|
) count);
|
||||||
|
};
|
||||||
|
# TODO: use influxdb and check if pommes
|
||||||
|
random_mittagessen = '' {{ [
|
||||||
|
"Es ist 12 uhr 30. Der Aramark Gourmettempel hat, wie jeden Tag, wieder die feinsten Köstlichkeiten für euch Vorbereitet",
|
||||||
|
"Heute bei Aramark: Rezepte aus Ländern, von denen Ihr noch nie gehört habt, Deutsch zubereitet",
|
||||||
|
"Heute bei Aramark im Angebot: Scheiss mit Reis oder Reste von Freitag",
|
||||||
|
"MHHHH es ist wieder mal so weit, lecker Bayerisch Kraut mit asiatischen Nudeln",
|
||||||
|
"Es ist 12 Uhr 30 und Heute gibt es Pommes - vielleicht",
|
||||||
|
"Heute gibt es Pommes - leider nicht einzeln zu verkaufen, da die Schälchen alle sind",
|
||||||
|
"Heute gibt es Pommes - verarscht! Natürlich gibt es nur salzlosen Reis, oder salzlose Nudeln.",
|
||||||
|
"Heute auf dem Speiseplan: Sushi vom Vortag",
|
||||||
|
"Aramark Kantinenessen: Der Hunger treibt es rein, der Geiz hält es drin.",
|
||||||
|
"Das Essen in der Snackeria sieht heute wie die bessere Alternative aus",
|
||||||
|
"Heute ist wohl wieder ein Beilagen-Tag",
|
||||||
|
"Lunch time! Good luck, you will need it!",
|
||||||
|
"Heute vielleicht lieber doch nur einen Salat?",
|
||||||
|
"Im Büro ist es eh gerade viel zu warm, also ab zur Kantine",
|
||||||
|
"Im Büro ist es eh gerade viel zu kalt, also ab zur Kantine",
|
||||||
|
"Heute scheint die Auswahl wieder sehr schwierig zu sein. Vielleicht doch lieber ein Brötchen mit Fleischkäse vom Bäcker beim Baumarkt?",
|
||||||
|
"Wer hat hier schon wieder ein Meeting auf 12 Uhr gelegt? Skandal!",
|
||||||
|
"Jetzt nur noch kurz die Mail fertig schreiben und schon kann es los gehen.",
|
||||||
|
"Es ist 13 Uhr und die Mittagspause ist bald vorbei .... Kleiner Scherz, es ist erst 12:30, aber Ihr hättet auch nicht wirklich etwas verpasst.",
|
||||||
|
"Hallo, es ist nun 12 Uhr 30! Dies entspricht der Essenszeit aller Büroinsassen. Bitte begebt euch zur Aramark Essensausgabe um euren menschlichen Bedürfnissen nachzukommen."] | random }}'';
|
||||||
|
in {
|
||||||
|
automation = [
|
||||||
|
{ alias = "Mittagessen";
|
||||||
|
trigger = {
|
||||||
|
platform = "time";
|
||||||
|
at = "12:30:00";
|
||||||
|
};
|
||||||
|
action = [
|
||||||
|
{ service = "homeassistant.turn_on";
|
||||||
|
entity_id = [
|
||||||
|
"script.mittagessen_announce"
|
||||||
|
"script.blitz_10s"
|
||||||
|
"script.mittagessenlicht"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
script = {
|
||||||
|
mittagessenlicht = (flash_entity {
|
||||||
|
entity = "switch.bauarbeiterlampe";
|
||||||
|
alias = "Bauarbeiterlampe Mittagessenlicht";
|
||||||
|
delay = 1000;
|
||||||
|
count = 5;
|
||||||
|
});
|
||||||
|
mittagessen_announce = {
|
||||||
|
alias = "Random Mittagessen announce";
|
||||||
|
sequence = [
|
||||||
|
{
|
||||||
|
service = "media_player.play_media";
|
||||||
|
data = {
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
media_content_type = "playlist";
|
||||||
|
media_content_id = "ansage";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ delay.seconds = 5; }
|
||||||
|
{
|
||||||
|
service = "tts.google_say";
|
||||||
|
entity_id = "media_player.mpd";
|
||||||
|
data_template = {
|
||||||
|
message = random_mittagessen;
|
||||||
|
language = "de";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,45 +1,251 @@
|
|||||||
{ pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
let
|
||||||
port = 3001;
|
kodi-host = "192.168.8.11";
|
||||||
runit = pkgs.writeDash "runit" ''
|
ten_hours = import ./combination/10h_timers.nix { inherit lib; }; # provides: timer automation script
|
||||||
set -xeuf
|
mittagessen = import ./combination/mittagessen.nix { inherit lib; }; # provides: automation script
|
||||||
PATH=${pkgs.mosquitto}/bin:${pkgs.coreutils}/bin
|
matrix = import ./combination/matrix.nix { inherit lib; }; # provides: matrix automation
|
||||||
name=''${1?must provide name as first arg}
|
|
||||||
state=''${2?must provide state as second arg}
|
|
||||||
# val=''${3?must provide val as third arg}
|
|
||||||
|
|
||||||
# we ignore non-alerting events
|
|
||||||
test $state = alerting || exit 0
|
|
||||||
|
|
||||||
echo $name - $state
|
|
||||||
topic=plug
|
|
||||||
mosquitto_pub -t /bam/$topic/cmnd/POWER -m ON
|
|
||||||
sleep 5
|
|
||||||
mosquitto_pub -t /bam/$topic/cmnd/POWER -m OFF
|
|
||||||
'';
|
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
./ota.nix
|
./ota.nix
|
||||||
];
|
];
|
||||||
services.logstash = {
|
networking.firewall.allowedTCPPorts = [ 8123 ];
|
||||||
package = pkgs.logstash5;
|
state = [ "/var/lib/hass/known_devices.yaml" ];
|
||||||
|
services.home-assistant = let
|
||||||
|
dwd_pollen = pkgs.fetchFromGitHub {
|
||||||
|
owner = "marcschumacher";
|
||||||
|
repo = "dwd_pollen";
|
||||||
|
rev = "0.1";
|
||||||
|
sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1";
|
||||||
|
};
|
||||||
|
in {
|
||||||
enable = true;
|
enable = true;
|
||||||
inputConfig = ''
|
package = (pkgs.home-assistant.overrideAttrs (old: {
|
||||||
http {
|
# TODO: find correct python package
|
||||||
port => ${toString port}
|
installCheckPhase = ''
|
||||||
host => "127.0.0.1"
|
echo LOLLLLLLLLLLLLLL
|
||||||
}
|
'';
|
||||||
'';
|
postInstall = ''
|
||||||
filterConfig = ''
|
cp -r ${dwd_pollen} $out/lib/python3.7/site-packages/homeassistant/components/dwd_pollen
|
||||||
'';
|
'';
|
||||||
outputConfig = ''
|
})).override {
|
||||||
stdout { codec => json }
|
extraPackages = ps: with ps; [
|
||||||
exec { command => "${runit} '%{ruleName}' '%{state}'" }
|
pkgs.pico2wave
|
||||||
'';
|
python-forecastio jsonrpc-async jsonrpc-websocket mpd2
|
||||||
extraSettings = ''
|
(callPackage ./deps/gtts-token.nix { })
|
||||||
path.plugins: [ "${pkgs.logstash-output-exec}" ]
|
(callPackage ./deps/pyhaversion.nix { })
|
||||||
'';
|
];
|
||||||
|
};
|
||||||
|
autoExtraComponents = true;
|
||||||
|
config = {
|
||||||
|
homeassistant = {
|
||||||
|
name = "Bureautomation";
|
||||||
|
time_zone = "Europe/Berlin";
|
||||||
|
latitude = "48.8265";
|
||||||
|
longitude = "9.0676";
|
||||||
|
elevation = 303;
|
||||||
|
auth_providers = [
|
||||||
|
{ type = "homeassistant";}
|
||||||
|
{ type = "legacy_api_password";}
|
||||||
|
{ type = "trusted_networks";
|
||||||
|
# allow_bypass_login = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
# https://www.home-assistant.io/components/influxdb/
|
||||||
|
influxdb = {
|
||||||
|
database = "hass";
|
||||||
|
tags = {
|
||||||
|
instance = "wbob";
|
||||||
|
source = "hass";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
matrix = matrix.matrix;
|
||||||
|
mqtt = {
|
||||||
|
broker = "localhost";
|
||||||
|
port = 1883;
|
||||||
|
client_id = "home-assistant";
|
||||||
|
keepalive = 60;
|
||||||
|
protocol = 3.1;
|
||||||
|
birth_message = {
|
||||||
|
topic = "/bam/hass/tele/LWT";
|
||||||
|
payload = "Online";
|
||||||
|
qos = 1;
|
||||||
|
retain = true;
|
||||||
|
};
|
||||||
|
will_message = {
|
||||||
|
topic = "/bam/hass/tele/LWT";
|
||||||
|
payload = "Offline";
|
||||||
|
qos = 1;
|
||||||
|
retain = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
switch = (import ./switch/tasmota_switch.nix) ++
|
||||||
|
(import ./switch/rfbridge.nix);
|
||||||
|
light = (import ./light/statuslight.nix) ++
|
||||||
|
(import ./light/buzzer.nix);
|
||||||
|
timer = ten_hours.timer;
|
||||||
|
notify = [
|
||||||
|
{
|
||||||
|
platform = "kodi";
|
||||||
|
name = "wbob-kodi";
|
||||||
|
host = kodi-host;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
platform = "telegram";
|
||||||
|
name = "telegrambot";
|
||||||
|
chat_id = builtins.elemAt
|
||||||
|
(builtins.fromJSON (builtins.readFile
|
||||||
|
<secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
|
||||||
|
}
|
||||||
|
] ++ matrix.notify;
|
||||||
|
media_player = [
|
||||||
|
{ platform = "kodi";
|
||||||
|
host = kodi-host;
|
||||||
|
}
|
||||||
|
{ platform = "mpd";
|
||||||
|
host = "127.0.0.1";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
script = lib.fold lib.recursiveUpdate {} [
|
||||||
|
((import ./script/multi_blink.nix) {inherit lib;})
|
||||||
|
ten_hours.script
|
||||||
|
mittagessen.script
|
||||||
|
];
|
||||||
|
binary_sensor =
|
||||||
|
(import ./binary_sensor/buttons.nix) ++
|
||||||
|
(import ./binary_sensor/motion.nix);
|
||||||
|
|
||||||
|
sensor =
|
||||||
|
[{ platform = "version"; }] ++
|
||||||
|
(import ./sensor/pollen.nix) ++
|
||||||
|
(import ./sensor/espeasy.nix) ++
|
||||||
|
(import ./sensor/airquality.nix) ++
|
||||||
|
((import ./sensor/outside.nix) {inherit lib;}) ++
|
||||||
|
(import ./sensor/influxdb.nix) ++
|
||||||
|
(import ./sensor/tasmota_firmware.nix);
|
||||||
|
|
||||||
|
camera =
|
||||||
|
(import ./camera/verkehrskamera.nix);
|
||||||
|
|
||||||
|
# not yet released
|
||||||
|
#person =
|
||||||
|
# (import ./person/team.nix );
|
||||||
|
|
||||||
|
frontend = { };
|
||||||
|
http = {
|
||||||
|
# TODO: https://github.com/home-assistant/home-assistant/issues/16149
|
||||||
|
base_url = "http://192.168.8.11:8123";
|
||||||
|
api_password = "sistemas";
|
||||||
|
trusted_networks = [
|
||||||
|
"127.0.0.1/32"
|
||||||
|
"192.168.8.0/24"
|
||||||
|
"::1/128"
|
||||||
|
"fd00::/8"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
conversation = {};
|
||||||
|
history = {};
|
||||||
|
logbook = {};
|
||||||
|
tts = [
|
||||||
|
{ platform = "google";
|
||||||
|
language = "de";
|
||||||
|
}
|
||||||
|
{ platform = "voicerss";
|
||||||
|
api_key = builtins.readFile <secrets/hass/voicerss.apikey>;
|
||||||
|
language = "de-de";
|
||||||
|
}
|
||||||
|
{ platform = "picotts";
|
||||||
|
language = "de-DE";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
recorder = {};
|
||||||
|
sun = {};
|
||||||
|
telegram_bot = [
|
||||||
|
(builtins.fromJSON
|
||||||
|
(builtins.readFile <secrets/hass/telegram-bot.json>))
|
||||||
|
];
|
||||||
|
group =
|
||||||
|
{ default_view =
|
||||||
|
{ view = "yes";
|
||||||
|
entities = [
|
||||||
|
"group.sensors"
|
||||||
|
"group.camera"
|
||||||
|
"group.outside"
|
||||||
|
"group.team"
|
||||||
|
"group.nachtlicht"
|
||||||
|
"group.switches"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
automation = [];
|
||||||
|
|
||||||
|
switches = [
|
||||||
|
"switch.bauarbeiterlampe"
|
||||||
|
"switch.blitzdings"
|
||||||
|
"switch.fernseher"
|
||||||
|
"switch.feuer"
|
||||||
|
"light.status_felix"
|
||||||
|
"light.status_daniel"
|
||||||
|
"light.buslicht"
|
||||||
|
];
|
||||||
|
team = [
|
||||||
|
"device_tracker.thorsten_phone"
|
||||||
|
"device_tracker.felix_phone"
|
||||||
|
"device_tracker.ecki_tablet"
|
||||||
|
"device_tracker.daniel_phone"
|
||||||
|
"device_tracker.carsten_phone"
|
||||||
|
"device_tracker.thierry_phone"
|
||||||
|
"device_tracker.frank_phone"
|
||||||
|
"device_tracker.anthony_phone"
|
||||||
|
# "person.thorsten"
|
||||||
|
# "person.felix"
|
||||||
|
# "person.ecki"
|
||||||
|
# "person.daniel"
|
||||||
|
];
|
||||||
|
camera = [
|
||||||
|
"camera.Baumarkt"
|
||||||
|
"camera.Autobahn_Heilbronn"
|
||||||
|
"camera.Autobahn_Singen"
|
||||||
|
];
|
||||||
|
nachtlicht = [
|
||||||
|
"switch.nachtlicht_a"
|
||||||
|
"switch.nachtlicht_b"
|
||||||
|
"switch.nachtlicht_c"
|
||||||
|
"switch.nachtlicht_d"
|
||||||
|
];
|
||||||
|
sensors = [
|
||||||
|
"media_player.kodi"
|
||||||
|
"script.blitz_10s"
|
||||||
|
"script.buzz_red_led_fast"
|
||||||
|
"timer.felix_10h"
|
||||||
|
"timer.frank_10h"
|
||||||
|
"sensor.easy2_dht22_humidity"
|
||||||
|
"sensor.easy2_dht22_temperature"
|
||||||
|
"sensor.air_quality"
|
||||||
|
# "binary_sensor.redbutton"
|
||||||
|
];
|
||||||
|
outside = [
|
||||||
|
# "sensor.ditzingen_pm10"
|
||||||
|
# "sensor.ditzingen_pm25"
|
||||||
|
"sensor.dark_sky_icon"
|
||||||
|
"sensor.dark_sky_temperature"
|
||||||
|
"sensor.dark_sky_humidity"
|
||||||
|
"sensor.dark_sky_uv_index"
|
||||||
|
# "sensor.dark_sky_pressure"
|
||||||
|
"sensor.dark_sky_hourly_summary"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
# only for automation
|
||||||
|
# feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ];
|
||||||
|
# we don't use imports because the expressions do not merge in
|
||||||
|
# home-assistant
|
||||||
|
automation = (import ./automation/bureau-shutdown.nix) ++
|
||||||
|
(import ./automation/nachtlicht.nix) ++
|
||||||
|
(import ./automation/schlechteluft.nix) ++
|
||||||
|
(import ./automation/hass-restart.nix) ++
|
||||||
|
ten_hours.automation ++
|
||||||
|
matrix.automation ++
|
||||||
|
mittagessen.automation;
|
||||||
|
device_tracker = (import ./device_tracker/openwrt.nix );
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
32
makefu/2configs/bureautomation/deps/dwd_pollen.nix
Normal file
32
makefu/2configs/bureautomation/deps/dwd_pollen.nix
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
{ lib
|
||||||
|
, buildPythonPackage
|
||||||
|
, fetchFromGitHub
|
||||||
|
, python
|
||||||
|
, voluptuous
|
||||||
|
}:
|
||||||
|
|
||||||
|
buildPythonPackage rec {
|
||||||
|
format = "other";
|
||||||
|
pname = "dwd_pollen";
|
||||||
|
version = "0.1";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "marcschumacher";
|
||||||
|
repo = "dwd_pollen";
|
||||||
|
rev = version;
|
||||||
|
sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1";
|
||||||
|
};
|
||||||
|
propagatedBuildInputs = [
|
||||||
|
voluptuous
|
||||||
|
];
|
||||||
|
installPhase = ''
|
||||||
|
install -D -t $out/${python.sitePackages}/homeassistant/components/sensor/dwd_pollen *
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "Home Assistant component to retrieve Pollen data from DWD (Germany)";
|
||||||
|
homepage = https://github.com/marcschumacher/dwd_pollen;
|
||||||
|
license = licenses.mit;
|
||||||
|
maintainers = [ maintainers.makefu ];
|
||||||
|
};
|
||||||
|
}
|
27
makefu/2configs/bureautomation/deps/gtts-token.nix
Normal file
27
makefu/2configs/bureautomation/deps/gtts-token.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ lib
|
||||||
|
, buildPythonPackage
|
||||||
|
, fetchPypi
|
||||||
|
, requests
|
||||||
|
}:
|
||||||
|
|
||||||
|
buildPythonPackage rec {
|
||||||
|
pname = "gtts-token";
|
||||||
|
version = "1.1.3";
|
||||||
|
|
||||||
|
src = fetchPypi {
|
||||||
|
pname = "gTTS-token";
|
||||||
|
inherit version;
|
||||||
|
sha256 = "9d6819a85b813f235397ef931ad4b680f03d843c9b2a9e74dd95175a4bc012c5";
|
||||||
|
};
|
||||||
|
|
||||||
|
propagatedBuildInputs = [
|
||||||
|
requests
|
||||||
|
];
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "Calculates a token to run the Google Translate text to speech";
|
||||||
|
homepage = https://github.com/boudewijn26/gTTS-token;
|
||||||
|
license = licenses.mit;
|
||||||
|
# maintainers = [ maintainers. ];
|
||||||
|
};
|
||||||
|
}
|
33
makefu/2configs/bureautomation/deps/pyhaversion.nix
Normal file
33
makefu/2configs/bureautomation/deps/pyhaversion.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{ lib
|
||||||
|
, buildPythonPackage
|
||||||
|
, fetchpatch
|
||||||
|
, fetchPypi
|
||||||
|
, aiohttp
|
||||||
|
, async-timeout
|
||||||
|
}:
|
||||||
|
|
||||||
|
buildPythonPackage rec {
|
||||||
|
pname = "pyhaversion";
|
||||||
|
version = "2.2.1";
|
||||||
|
|
||||||
|
src = fetchPypi {
|
||||||
|
inherit pname version;
|
||||||
|
sha256 = "72b65aa25d7b2dbb839a4d0218df2005c2335e93526035904d365bb668030b9f";
|
||||||
|
};
|
||||||
|
patches = [
|
||||||
|
(fetchpatch { url = "https://github.com/makefu/pyhaversion/commit/f3bdc38970272cd345c2cfbde3037ea492ca27c4.patch";
|
||||||
|
sha256 =
|
||||||
|
"1rhq4z7mdgnwhwpf5fmarnbc1ba3qysk1wqjdr0hvbzi8vmvbfcc";})
|
||||||
|
];
|
||||||
|
doCheck = false;
|
||||||
|
propagatedBuildInputs = [
|
||||||
|
aiohttp
|
||||||
|
async-timeout
|
||||||
|
];
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "";
|
||||||
|
homepage = https://github.com/ludeeus/pyhaversion;
|
||||||
|
# maintainers = [ maintainers. ];
|
||||||
|
};
|
||||||
|
}
|
@ -1,3 +1,6 @@
|
|||||||
|
# requires `opkg install luci-mod-rpc` on router
|
||||||
|
# see https://www.home-assistant.io/components/luci/
|
||||||
|
|
||||||
[
|
[
|
||||||
{ platform = "luci";
|
{ platform = "luci";
|
||||||
name = "router";
|
name = "router";
|
||||||
|
@ -1,198 +0,0 @@
|
|||||||
{ pkgs, lib, ... }:
|
|
||||||
let
|
|
||||||
kodi-host = "192.168.8.11";
|
|
||||||
in {
|
|
||||||
networking.firewall.allowedTCPPorts = [ 8123 ];
|
|
||||||
state = [ "/var/lib/hass/known_devices.yaml" ];
|
|
||||||
services.home-assistant = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.home-assistant.override { python3 = pkgs.python36; };
|
|
||||||
config = {
|
|
||||||
homeassistant = {
|
|
||||||
name = "Bureautomation";
|
|
||||||
time_zone = "Europe/Berlin";
|
|
||||||
latitude = "48.8265";
|
|
||||||
longitude = "9.0676";
|
|
||||||
elevation = 303;
|
|
||||||
auth_providers = [
|
|
||||||
{ type = "homeassistant";}
|
|
||||||
{ type = "legacy_api_password";}
|
|
||||||
{ type = "trusted_networks";
|
|
||||||
# allow_bypass_login = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
mqtt = {
|
|
||||||
broker = "localhost";
|
|
||||||
port = 1883;
|
|
||||||
client_id = "home-assistant";
|
|
||||||
keepalive = 60;
|
|
||||||
protocol = 3.1;
|
|
||||||
birth_message = {
|
|
||||||
topic = "/bam/hass/tele/LWT";
|
|
||||||
payload = "Online";
|
|
||||||
qos = 1;
|
|
||||||
retain = true;
|
|
||||||
};
|
|
||||||
will_message = {
|
|
||||||
topic = "/bam/hass/tele/LWT";
|
|
||||||
payload = "Offline";
|
|
||||||
qos = 1;
|
|
||||||
retain = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
switch = (import ./switch/tasmota_switch.nix) ++
|
|
||||||
(import ./switch/rfbridge.nix);
|
|
||||||
light = (import ./light/statuslight.nix) ++
|
|
||||||
(import ./light/buzzer.nix);
|
|
||||||
timer = {
|
|
||||||
felix_10h = {
|
|
||||||
name = "Felix 10h Timer";
|
|
||||||
duration = "10:00:00";
|
|
||||||
};
|
|
||||||
felix_8_30h = {
|
|
||||||
name = "Felix 8_30h Timer";
|
|
||||||
duration = "08:30:00";
|
|
||||||
};
|
|
||||||
felix_7h = {
|
|
||||||
name = "Felix 7h Timer";
|
|
||||||
duration = "07:00:00";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
notify = [
|
|
||||||
{
|
|
||||||
platform = "kodi";
|
|
||||||
name = "wbob-kodi";
|
|
||||||
host = kodi-host;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
platform = "telegram";
|
|
||||||
name = "telegrambot";
|
|
||||||
chat_id = builtins.elemAt
|
|
||||||
(builtins.fromJSON (builtins.readFile
|
|
||||||
<secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
media_player = [
|
|
||||||
{ platform = "kodi";
|
|
||||||
host = kodi-host;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
script = (import ./script/multi_blink.nix) {inherit lib;};
|
|
||||||
binary_sensor =
|
|
||||||
(import ./binary_sensor/buttons.nix) ++
|
|
||||||
(import ./binary_sensor/motion.nix);
|
|
||||||
|
|
||||||
sensor =
|
|
||||||
(import ./sensor/espeasy.nix) ++
|
|
||||||
((import ./sensor/outside.nix) {inherit lib;}) ++
|
|
||||||
(import ./sensor/influxdb.nix) ++
|
|
||||||
(import ./sensor/tasmota_firmware.nix);
|
|
||||||
|
|
||||||
camera =
|
|
||||||
(import ./camera/verkehrskamera.nix);
|
|
||||||
|
|
||||||
# not yet released
|
|
||||||
#person =
|
|
||||||
# (import ./person/team.nix );
|
|
||||||
|
|
||||||
frontend = { };
|
|
||||||
http = {
|
|
||||||
# TODO: https://github.com/home-assistant/home-assistant/issues/16149
|
|
||||||
api_password = "sistemas";
|
|
||||||
trusted_networks = [
|
|
||||||
"127.0.0.1/32"
|
|
||||||
"192.168.8.0/24"
|
|
||||||
"::1/128"
|
|
||||||
"fd00::/8"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
conversation = {};
|
|
||||||
history = {};
|
|
||||||
logbook = {};
|
|
||||||
tts = [ { platform = "google";} ];
|
|
||||||
recorder = {};
|
|
||||||
sun = {};
|
|
||||||
telegram_bot = [
|
|
||||||
(builtins.fromJSON
|
|
||||||
(builtins.readFile <secrets/hass/telegram-bot.json>))
|
|
||||||
];
|
|
||||||
group =
|
|
||||||
{ default_view =
|
|
||||||
{ view = "yes";
|
|
||||||
entities = [
|
|
||||||
"group.sensors"
|
|
||||||
"group.camera"
|
|
||||||
"group.outside"
|
|
||||||
"group.team"
|
|
||||||
"group.nachtlicht"
|
|
||||||
"group.switches"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
automation = [
|
|
||||||
];
|
|
||||||
switches = [
|
|
||||||
"switch.bauarbeiterlampe"
|
|
||||||
"switch.blitzdings"
|
|
||||||
"switch.fernseher"
|
|
||||||
"switch.feuer"
|
|
||||||
"light.status_felix"
|
|
||||||
"light.status_daniel"
|
|
||||||
"light.buslicht"
|
|
||||||
];
|
|
||||||
team = [
|
|
||||||
"device_tracker.thorsten_phone"
|
|
||||||
"device_tracker.felix_phone"
|
|
||||||
"device_tracker.ecki_tablet"
|
|
||||||
"device_tracker.daniel_phone"
|
|
||||||
"device_tracker.carsten_phone"
|
|
||||||
"device_tracker.thierry_phone"
|
|
||||||
# "person.thorsten"
|
|
||||||
# "person.felix"
|
|
||||||
# "person.ecki"
|
|
||||||
# "person.daniel"
|
|
||||||
];
|
|
||||||
camera = [
|
|
||||||
"camera.Baumarkt"
|
|
||||||
"camera.Autobahn_Heilbronn"
|
|
||||||
"camera.Autobahn_Singen"
|
|
||||||
];
|
|
||||||
nachtlicht = [
|
|
||||||
"switch.nachtlicht_a"
|
|
||||||
"switch.nachtlicht_b"
|
|
||||||
"switch.nachtlicht_c"
|
|
||||||
"switch.nachtlicht_d"
|
|
||||||
];
|
|
||||||
sensors = [
|
|
||||||
"media_player.kodi"
|
|
||||||
"script.blitz_10s"
|
|
||||||
"script.buzz_red_led_fast"
|
|
||||||
"timer.felix_10h"
|
|
||||||
"sensor.easy2_dht22_humidity"
|
|
||||||
"sensor.easy2_dht22_temperature"
|
|
||||||
# "binary_sensor.redbutton"
|
|
||||||
];
|
|
||||||
outside = [
|
|
||||||
# "sensor.ditzingen_pm10"
|
|
||||||
# "sensor.ditzingen_pm25"
|
|
||||||
"sensor.dark_sky_icon"
|
|
||||||
"sensor.dark_sky_temperature"
|
|
||||||
"sensor.dark_sky_humidity"
|
|
||||||
"sensor.dark_sky_uv_index"
|
|
||||||
# "sensor.dark_sky_pressure"
|
|
||||||
"sensor.dark_sky_hourly_summary"
|
|
||||||
"device_tracker.router"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
# only for automation
|
|
||||||
# feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ];
|
|
||||||
# we don't use imports because the expressions do not merge in
|
|
||||||
# home-assistant
|
|
||||||
automation = (import ./automation/bureau-shutdown.nix) ++
|
|
||||||
(import ./automation/nachtlicht.nix) ++
|
|
||||||
(import ./automation/hass-restart.nix) ++
|
|
||||||
(import ./automation/10h_timer.nix);
|
|
||||||
device_tracker = (import ./device_tracker/openwrt.nix );
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,5 +1,7 @@
|
|||||||
{lib, ... }:
|
{lib, ... }:
|
||||||
let
|
let
|
||||||
|
# TODO: flash with different delay
|
||||||
|
|
||||||
# let an entity blink for X times with a delay of Y milliseconds
|
# let an entity blink for X times with a delay of Y milliseconds
|
||||||
flash_entity = { entity, delay ? 500, count ? 4, alias ? "${entity}_blink_${toString count}_${toString delay}" }:
|
flash_entity = { entity, delay ? 500, count ? 4, alias ? "${entity}_blink_${toString count}_${toString delay}" }:
|
||||||
{
|
{
|
||||||
@ -34,4 +36,10 @@ in {
|
|||||||
count = 1;
|
count = 1;
|
||||||
alias = "blitz for 10 seconds";
|
alias = "blitz for 10 seconds";
|
||||||
});
|
});
|
||||||
|
schlechteluft = (flash_entity {
|
||||||
|
entity = "switch.bauarbeiterlampe";
|
||||||
|
alias = "Schlechte Luft Lampe 5 secs";
|
||||||
|
delay = 5000;
|
||||||
|
count = 1;
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
9
makefu/2configs/bureautomation/sensor/airquality.nix
Normal file
9
makefu/2configs/bureautomation/sensor/airquality.nix
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
[
|
||||||
|
# coming from 2configs/stats/telegraf/
|
||||||
|
{ platform = "mqtt";
|
||||||
|
name = "Air Quality";
|
||||||
|
state_topic = "/telegraf/wbob/airquality";
|
||||||
|
value_template = "{{ value_json.fields.value }}";
|
||||||
|
unit_of_measurement = "VOC";
|
||||||
|
}
|
||||||
|
]
|
7
makefu/2configs/bureautomation/sensor/pollen.nix
Normal file
7
makefu/2configs/bureautomation/sensor/pollen.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
[ {
|
||||||
|
platform = "dwd_pollen";
|
||||||
|
partsregion_ids = [
|
||||||
|
112
|
||||||
|
];
|
||||||
|
}
|
||||||
|
]
|
@ -1,7 +1,11 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz")
|
(builtins.fetchTarball {
|
||||||
|
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
|
||||||
|
sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
|
||||||
|
}
|
||||||
|
)
|
||||||
];
|
];
|
||||||
|
|
||||||
mailserver = {
|
mailserver = {
|
||||||
|
@ -14,6 +14,6 @@
|
|||||||
saleae-logic
|
saleae-logic
|
||||||
gitAndTools.gitFull
|
gitAndTools.gitFull
|
||||||
signal-desktop
|
signal-desktop
|
||||||
rambox
|
# rambox
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
46
makefu/2configs/wireguard/wiregrill.nix
Normal file
46
makefu/2configs/wireguard/wiregrill.nix
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: let
|
||||||
|
|
||||||
|
self = config.krebs.build.host.nets.wiregrill;
|
||||||
|
isRouter = !isNull self.via; # via "internet" is not set
|
||||||
|
ext-if = config.makefu.server.primary-itf;
|
||||||
|
|
||||||
|
in mkIf (hasAttr "wiregrill" config.krebs.build.host.nets) {
|
||||||
|
#hack for modprobe inside containers
|
||||||
|
systemd.services."wireguard-wiregrill".path = mkIf config.boot.isContainer (mkBefore [
|
||||||
|
(pkgs.writeDashBin "modprobe" ":")
|
||||||
|
]);
|
||||||
|
|
||||||
|
boot.kernel.sysctl = mkIf isRouter {
|
||||||
|
"net.ipv6.conf.all.forwarding" = 1;
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall = {
|
||||||
|
allowedUDPPorts = [ self.wireguard.port ];
|
||||||
|
extraCommands = ''
|
||||||
|
iptables -A FORWARD -i wiregrill -o wiregrill -j ACCEPT
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.wireguard.interfaces.wiregrill = {
|
||||||
|
ips =
|
||||||
|
(optional (!isNull self.ip4) self.ip4.addr) ++
|
||||||
|
(optional (!isNull self.ip6) self.ip6.addr);
|
||||||
|
listenPort = self.wireguard.port;
|
||||||
|
privateKeyFile = (toString <secrets>) + "/wiregrill.key";
|
||||||
|
allowedIPsAsRoutes = true;
|
||||||
|
peers = mapAttrsToList
|
||||||
|
(_: host: {
|
||||||
|
allowedIPs = if isRouter then
|
||||||
|
(optional (!isNull host.nets.wiregrill.ip4) host.nets.wiregrill.ip4.addr) ++
|
||||||
|
(optional (!isNull host.nets.wiregrill.ip6) host.nets.wiregrill.ip6.addr)
|
||||||
|
else
|
||||||
|
host.nets.wiregrill.wireguard.subnets
|
||||||
|
;
|
||||||
|
endpoint = mkIf (!isNull host.nets.wiregrill.via) (host.nets.wiregrill.via.ip4.addr + ":${toString host.nets.wiregrill.wireguard.port}");
|
||||||
|
persistentKeepalive = mkIf (!isNull host.nets.wiregrill.via) 61;
|
||||||
|
publicKey = (replaceStrings ["\n"] [""] host.nets.wiregrill.wireguard.pubkey);
|
||||||
|
})
|
||||||
|
(filterAttrs (_: h: hasAttr "wiregrill" h.nets) config.krebs.hosts);
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user